Cisco » Unified Presence Server : Security Vulnerabilities, CVEs, (Denial of service)
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
Max CVSS
5.0
EPSS Score
0.34%
Published
2014-07-26
Updated
2017-08-29
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.
Max CVSS
5.0
EPSS Score
0.13%
Published
2013-05-10
Updated
2013-05-10
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
Max CVSS
7.8
EPSS Score
0.13%
Published
2013-02-27
Updated
2013-02-28
The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.
Max CVSS
7.8
EPSS Score
0.26%
Published
2010-08-26
Updated
2010-09-09
SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.
Max CVSS
7.8
EPSS Score
0.18%
Published
2010-08-26
Updated
2010-09-09
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
Max CVSS
7.8
EPSS Score
2.00%
Published
2009-10-16
Updated
2017-08-17
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
Max CVSS
7.8
EPSS Score
1.97%
Published
2008-05-16
Updated
2017-08-08
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.
Max CVSS
7.8
EPSS Score
2.53%
Published
2007-07-15
Updated
2017-07-29
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
Max CVSS
7.8
EPSS Score
2.78%
Published
2007-04-03
Updated
2017-07-29
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
Max CVSS
7.8
EPSS Score
2.28%
Published
2007-04-02
Updated
2017-07-29
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
Max CVSS
7.8
EPSS Score
2.40%
Published
2006-10-26
Updated
2017-07-20
11 vulnerabilities found