CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS
Percentile
85.1%
A denial of service (DoS) vulnerability exists in Cisco Unified Presence and Jabber Extensible Communications Platform (Jabber XCP). An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted Extensible Messaging and Presence Protocol (XMPP) stream header to an affected server. Successful exploitation of this vulnerability could cause the Connection Manager process to crash. Repeated exploitation could result in a sustained DoS condition.
There are no workarounds available to mitigate exploitation of this vulnerability.
Cisco has released software updates that address this vulnerability. This advisory is available at the following link:
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unified_presence_server | any | cpe:2.3:a:cisco:unified_presence_server:any:*:*:*:*:*:*:* |
cisco | jabber_extensible_communications_platform | any | cpe:2.3:a:cisco:jabber_extensible_communications_platform:any:*:*:*:*:*:*:* |