CVE-2009-2870

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 through 12.4

Description A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software, allowing an unauthenticated attacker to cause a denial of service (DoS) condition on an affected device when the Cisco Unified Border Element feature is enabled. This can be achieved via crafted SIP messages.

Recommendations For devices running Cisco IOS versions 12.2 through 12.4 with the Cisco Unified Border Element feature enabled, update to a version that includes the software updates released by Cisco to address this vulnerability. If updating is not feasible, consider mitigations available to limit exposure of the vulnerability, as outlined in the Cisco Security Advisory.