Input validation

2023-06-2815:15:00

PRIOn knowledge base

www.prio-n.com

input validation

cisco unified communications manager

axl api

dos

web ui

self care portal

nvd

5.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.

CPENameOperatorVersion
unified_communications_managereq11.51.100006
unified_communications_managereq12.1.1000010
unified_communications_managereq12.51.1000022
unified_communications_managereq14.1.1000020
unified_communications_managereq11.51.100006
unified_communications_managereq12.1.1000010
unified_communications_managereq12.51.1000022
unified_communications_managereq14.1.1000020

Name	Operator	Version
unified_communications_manager	eq	11.51.100006
unified_communications_manager	eq	12.1.1000010
unified_communications_manager	eq	12.51.1000022
unified_communications_manager	eq	14.1.1000020
unified_communications_manager	eq	11.51.100006
unified_communications_manager	eq	12.1.1000010
unified_communications_manager	eq	12.51.1000022
unified_communications_manager	eq	14.1.1000020