Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS and IOS XE Software Session Initiation Protocol Denial of Service Vulnerability
Vulnerability Description
A vulnerability in the common Session Initiation Protocol (SIP) library of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on an internal data structure. An attacker could exploit this vulnerability by sending a sequence of malicious SIP messages to an affected device. An exploit could allow the attacker to cause a NULL pointer dereference, resulting in a crash of the iosd process. This triggers a reload of the device.
CVSS Information
N/A
Vulnerability Type
空指针解引用
Vulnerability Title
Cisco IOS和IOS XE 代码问题漏洞
Vulnerability Description
Cisco IOS和IOS XE都是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS和IOS XE中的common Session Initiation Protocol (SIP)库存在代码问题漏洞,该漏洞源于程序没有对内部数据结构进行可用性测试。远程攻击者可通过发送恶意的SIP消息利用该漏洞造成空指针逆向引用,导致iosd进程崩溃。以下产品及版本受到影响:Cisco Unified Border Element (CUBE);Unified Communications
CVSS Information
N/A
Vulnerability Type
N/A