CVE-2013-5553

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 15.1 through 15.1(4)M6

Description A vulnerability exists in the Session Initiation Protocol (SIP) implementation that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks, resulting in system instabilities. The vulnerability can be exploited by sending crafted SIP messages over IPv4 or IPv6. Affected devices must be configured to process SIP messages.

Recommendations For Cisco IOS versions 15.1 through 15.1(4)M6, update to version 15.1(4)M7 or later to address the vulnerability. As a temporary workaround, consider disabling SIP message processing on affected devices if possible. For devices that must run SIP, apply available mitigations to limit exposure to the vulnerability.