CVE-2017-6791

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 9.1(2.10000.28) through 11.0(1.10000.10)

Description A vulnerability in the Trust Verification Service (TVS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The issue is due to improper handling of Transport Layer Security (TLS) traffic. An attacker could exploit this by generating incomplete traffic streams, denying access to the TVS until an administrator restarts the service.

Recommendations For version 9.1(2.10000.28), restart the Trust Verification Service to restore access. For version 10.0(1.10000.24), restart the Trust Verification Service to restore access. For version 10.5(2.10000.5), restart the Trust Verification Service to restore access. For version 11.0(1.10000.10), restart the Trust Verification Service to restore access.