Cisco patches DoS vulnerability in UC Manager

Cisco on Wednesday released an update to patch a vulnerability found in the SIP service of its Unified Communications Manager.

If exploited, the vulnerability could allow a Denial of Service (DoS) attack to interrupt voice services, according to a Cisco security advisory. Cisco’s Unified Communications Manager, formerly called Cisco Unified CallManager, is an IP telephony call-processing system designed to replace PBXes.

The company on Wednesday also released ten other security updates for vulnerabilities that affect its IOS software. If exploited, these vulnerabilities could result in a breach in confidentiality or DoS attack, the company says.

These updates aim to fix vulnerabilities in Cisco’s network infrastructure software including an object-group access control list bypass and potential exploits to its software authentication proxy; Manager Express; H.323and crafted encryption packet services; zone-based policy firewall; network time protocol packet; and software tunnels, according to the advisory.

Cisco released patches for IOS as recently as late July, addressing two vulnerabilities that could allow hackers to launch a DoS attack when dealing with certain Border Gateway Protocol (BGP) updates.

Do you tweet? Follow me on Twitter here.

What’s wrong? The new clean desk test
View Comments
You Might Like
Join the discussion
Be the first to comment on this article. Our Commenting Policies