Cisco plugs serious UCM flaw

A heap overflow flaw in Cisco's Unified Communications Manager could be exploited to cause a denial of service condition.

Cisco Systems Inc. issued an advisory warning customers about a heap overflow condition in its Unified Communications...

Manager that could be exploited to cause a denial of service condition.

Cisco said an attacker does not have to be authenticated to exploit the flaw. The flaw affects Cisco UCM versions 4.2, 4.3, 5.1 and 6.0 and Cisco Unfied CallManager versions 3.3, 4.0, 4.1 and 5.0. An update is available to fix the flaw.

A possible workaround could be implemented by disabling the CTL Provider service when not in use. Filtering traffic to the affected systems on screening devices can also mitigate the threat, Cisco said.

There are no known active exploits in the wild, Cisco said.

Dig Deeper on Network Device Management

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close