Cisco Meeting Server SIP Processing Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. The vulnerability is due to insufficient validation of Session Description Protocol (SDP) messages. An attacker could exploit this vulnerability by sending a crafted SDP message to the CMS call bridge. An exploit could allow the attacker to cause the CMS to reload, causing a DoS condition for all connected clients. Versions prior to 2.3.9 are affected.

N/A

输入验证不恰当

Cisco Meeting Server 输入验证错误漏洞

Cisco Meeting Server (CMS) software中对会话发起协议（SIP）的调用处理存在输入验证漏洞，该漏洞源于程序没有充分地验证会话描述协议的消息。远程攻击者可借助特制的SDP消息利用该漏洞造成CMS重新加载，导致拒绝服务。

N/A

N/A