bug report -cucm upgrade

balaji.babu1
Level 1

Hello team,

One of the customers is planning to upgrade to 11.5 due to the bug:

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of the Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.
Impacted Version: 10.5(2.10000.5), 11.0(1.10000.10), 11.5(1.10000.6)

My question is, is the upgrade the only option to ignore the bug, or can we run the system with patches?

3 Replies

Jitender Bhandari
Cisco Employee

Hi Balaji,

Unfortunately there is no workaround

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz72455/?reffering_site=dumpcr

Cisco Unified Communications Manager Denial of Service Vulnerability
CSCuz72455
Description
Symptom:
A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of the Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rate limiting protection. An attacker could exploit this vulnerability by sending the affected device a high rate of SIP messages. An exploit could allow the attacker to cause the device to reload unexpectedly. The device and services will restart automatically.

Conditions:
A high rate of SIP UDP messages.

Workaround:
None.


PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 7.5:
https://tools.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X

CVE ID CVE-2017-3808 has been assigned to document this issue.

Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Further Problem Description:
(Rate if it helps)
JB
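The bug entry above describes the failure mode as insufficient per-source rate limiting of SIP-over-UDP messages. As an added example (not code from this thread, from Cisco, or from CUCM), the following Python shows what that check looks like from the defender's side: it parses per-message records such as an upstream SBC or firewall might export, keeps a sliding window of message timestamps per source, and reports any source that exceeds a threshold. The record format, the window of 1 second, the threshold of 50 messages, the IP addresses and all traffic are constructed assumptions for the example; CUCM exposes no such interface on the page.

```python
"""Sliding-window SIP/UDP message-rate check (added example, not Cisco code).

Reads records of the constructed form
    "<epoch_seconds> <src_ip> <SIP request line or status line>"
and flags sources whose message count inside a sliding window exceeds a
threshold. Window and threshold are assumptions, not CUCM defaults.
"""
from collections import defaultdict, deque
import re
from typing import Deque, Dict, Iterable, List, Tuple

# One record per line; the SIP part is either a request line
# ("INVITE sip:... SIP/2.0") or a status line ("SIP/2.0 200 OK").
LINE_RE = re.compile(
    r"^(?P<ts>\d+(?:\.\d+)?)\s+(?P<src>\S+)\s+"
    r"(?P<msg>(?:[A-Z]+ sip:\S+ SIP/2\.0)|(?:SIP/2\.0 \d{3} .*))$"
)

Record = Tuple[float, str, str]  # (timestamp, source, method or "RESPONSE")


def parse_records(lines: Iterable[str]) -> List[Record]:
    """Parse record lines; malformed lines are skipped, not fatal."""
    out: List[Record] = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            continue  # tolerate noise in the feed
        msg = m.group("msg")
        kind = "RESPONSE" if msg.startswith("SIP/2.0") else msg.split()[0]
        out.append((float(m.group("ts")), m.group("src"), kind))
    return out


class SlidingWindowRateCheck:
    """Per-source count of messages seen within the last `window` seconds."""

    def __init__(self, window_seconds: float, max_msgs: int) -> None:
        self.window = window_seconds
        self.max_msgs = max_msgs
        self._events: Dict[str, Deque[float]] = defaultdict(deque)
        # first timestamp at which each source crossed the threshold
        self.first_exceeded: Dict[str, float] = {}

    def observe(self, ts: float, src: str) -> bool:
        """Record one message; return True if `src` is now over the limit.

        Timestamps must arrive in non-decreasing order.
        """
        q = self._events[src]
        q.append(ts)
        while q and ts - q[0] > self.window:
            q.popleft()  # drop messages that fell out of the window
        exceeded = len(q) > self.max_msgs
        if exceeded and src not in self.first_exceeded:
            self.first_exceeded[src] = ts
        return exceeded


def find_flooders(records: Iterable[Record], window_seconds: float = 1.0,
                  max_msgs: int = 50) -> Dict[str, float]:
    """Return {source: first_timestamp_over_limit} for offending sources."""
    check = SlidingWindowRateCheck(window_seconds, max_msgs)
    for ts, src, _kind in sorted(records, key=lambda r: r[0]):
        check.observe(ts, src)
    return dict(check.first_exceeded)


def constructed_traffic() -> List[str]:
    """Constructed sample: one normal endpoint and one flooding source."""
    lines: List[str] = []
    # normal endpoint: 5 INVITEs per second for 10 seconds
    for i in range(50):
        lines.append(f"{1000 + i * 0.2:.3f} 192.0.2.10 "
                     "INVITE sip:1001@cucm.example.test SIP/2.0")
    # flooding source: 300 OPTIONS in 1.5 seconds (about 200 per second)
    for i in range(300):
        lines.append(f"{1004 + i * 0.005:.3f} 203.0.113.7 "
                     "OPTIONS sip:cucm.example.test SIP/2.0")
    lines.append("1005.000 192.0.2.10 SIP/2.0 200 OK")
    lines.append("this line is deliberately malformed and must be skipped")
    return lines


if __name__ == "__main__":
    recs = parse_records(constructed_traffic())
    for src, ts in find_flooders(recs).items():
        print(f"{src} exceeded the per-source SIP rate at t={ts}")
```

The only state kept per source is a deque of timestamps inside the window, so the check is cheap enough to run inline on a message feed. It observes and reports; it does not change the bug entry's statement that CUCM itself offers no workaround, and where such per-source limiting is enforced, and at what threshold, is a deployment decision outside what this thread covers.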

Hi Jitender,

Thanks for the detailed info. So you mean to say there is no point in doing this upgrade (11.5.1.12900-3) for this issue, correct?

regards 

balaji b

Hi Balaji,

So CUCM version 11.5.1.12900-3 is based off Base ES 11.5.1.12019-1, and the fix for the bug came in ES 11.5(1.12021-1). So you are right: upgrading to 11.5.1.12019-1 would not give you the fix for the bug.

You can open a TAC case and they can publish the latest ES which has the fix for this bug.

ES means Engineering Special.

(Rate if it helps)

JB