Cisco IOS 15.3 and 15.4, Cisco IOS XE 3.8 through 3.11, and Cisco Unified Communications Manager allow remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCuj23293.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HCisco IOS XE
OSCisco3.10.0s3.10.1s3.10.1xbs3.10.2s3.11.0s3.8.0s3.8.1s3.8.2s3.9.0as3.9.0s3.9.1as3.9.1s3.9.2sLenovo Thinkcentre E75s Firmware
OSLenovo< m16kt61aSamsung X14j Firmware
OSSamsungt-ms14jakucb-1102.5Sun Opensolaris
OSSunsnv_124Zyxel Gs1900 10hp Firmware
OSZyxel< 2.50\(aazi.0\)c0Zzinc Keymouse Firmware
OSZzinc3.08
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References
Related vulnerabilities
CVE-2023-20198CRITICAL10.0⚠ KEVten sam produkt
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in...
CVE-2018-0151CRITICAL9.8⚠ KEVten sam produkt
A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software coul...
CVE-2017-3881CRITICAL9.8⚠ KEVten sam produkt
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE S...
CVE-2025-20363CRITICAL9.0PL ✓ten sam produkt
RCE w web services Cisco ASA, FTD, IOS, IOS XE, IOS XR przez HTTP
CVE-2025-20188CRITICAL10.0PL ✓ten sam produkt
Cisco IOS XE WLC — nieuwierzytelniony upload plików i RCE przez hardcoded JWT