CVE-2023-20108

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input in the XCP Authentication Service, which could allow a remote attacker to cause a denial of service (DoS) condition by sending a specially crafted login message. This could result in a temporary service outage for users attempting to authenticate to the service, preventing new users from successfully authenticating. However, users who were authenticated prior to an attack are not impacted.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.