CVE-2012-0361

Name of the Vulnerable Software and Affected Versions Cisco IP Communicator versions 7.0 through 8.6

Description The issue concerns the sccp-protocol component, which does not limit the rate of SCCP messages to Cisco Unified Communications Manager. This allows remote attackers to cause a denial of service via vectors that trigger on hook and off hook messages.

Recommendations For Cisco IP Communicator versions 7.0 through 8.6, consider implementing rate limiting for SCCP messages to Cisco Unified Communications Manager as a temporary workaround to minimize the risk of denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.