PT-2021-7002 · Cisco · Cisco Unified Communications Manager+1
Published
2021-11-02
·
Updated
2022-05-03
·
CVE-2022-20804
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) (affected versions not specified)
Description
The issue is related to the implementation of the Cisco Discovery Protocol in the affected systems, which is associated with insufficient checking of unusual or exceptional states. This could allow a remote attacker to cause a denial of service (DoS) condition by continuously sending certain Cisco Discovery Protocol packets to an affected device, resulting in a kernel panic on the system.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Unified Communications Manager
Cisco Unified Communications Manager Session Management Edition