Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Unified Presence Presence Engine服务输入验证漏洞
Vulnerability Description
Cisco Unified Presence是一个基于标准的平台,能够收集有关用户可用性和通信功能的信息。 Cisco Unified Presence 6.0(7)之前的6.x版本和7.0(8)之前的7.x版本中的Presence Engine (PE)服务不能正确处理SIP SUBSCRIBE消息标头里面的错误Contact域,远程攻击者可以借助畸形消息导致拒绝服务(进程失效)。
CVSS Information
N/A
Vulnerability Type
N/A