The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Unified_communications_manager | Cisco | 6.0(1a) (including) | 6.0(1a) (including) |
| Unified_communications_manager | Cisco | 6.0(1b) (including) | 6.0(1b) (including) |
| Unified_communications_manager | Cisco | 6.1(1) (including) | 6.1(1) (including) |
| Unified_communications_manager | Cisco | 6.1(1a) (including) | 6.1(1a) (including) |
| Unified_communications_manager | Cisco | 6.1(1b) (including) | 6.1(1b) (including) |
| Unified_communications_manager | Cisco | 6.1(2) (including) | 6.1(2) (including) |
| Unified_communications_manager | Cisco | 6.1(3) (including) | 6.1(3) (including) |
| Unified_communications_manager | Cisco | 6.1(3a) (including) | 6.1(3a) (including) |
| Unified_communications_manager | Cisco | 6.1(3b) (including) | 6.1(3b) (including) |
| Unified_communications_manager | Cisco | 6.1(4) (including) | 6.1(4) (including) |
| Unified_communications_manager | Cisco | 6.1(4a) (including) | 6.1(4a) (including) |
| Unified_communications_manager | Cisco | 6.1(4b) (including) | 6.1(4b) (including) |
| Unified_communications_manager | Cisco | 6.1(5) (including) | 6.1(5) (including) |
| Unified_communications_manager | Cisco | 7.1(1) (including) | 7.1(1) (including) |
| Unified_communications_manager | Cisco | 7.1(2) (including) | 7.1(2) (including) |
| Unified_communications_manager | Cisco | 7.1(2a) (including) | 7.1(2a) (including) |
| Unified_communications_manager | Cisco | 7.1(2b) (including) | 7.1(2b) (including) |
| Unified_communications_manager | Cisco | 7.1(3) (including) | 7.1(3) (including) |
| Unified_communications_manager | Cisco | 7.1(3a) (including) | 7.1(3a) (including) |
| Unified_communications_manager | Cisco | 7.1(3b) (including) | 7.1(3b) (including) |
| Unified_communications_manager | Cisco | 7.1(5) (including) | 7.1(5) (including) |
| Unified_communications_manager | Cisco | 7.1(5a) (including) | 7.1(5a) (including) |
| Unified_communications_manager | Cisco | 7.1(5b) (including) | 7.1(5b) (including) |
| Unified_communications_manager | Cisco | 7.1(5b)su1 (including) | 7.1(5b)su1 (including) |
| Unified_communications_manager | Cisco | 7.1(5b)su1a (including) | 7.1(5b)su1a (including) |
| Unified_communications_manager | Cisco | 7.1(5b)su2 (including) | 7.1(5b)su2 (including) |
| Unified_communications_manager | Cisco | 7.1(5b)su3 (including) | 7.1(5b)su3 (including) |
| Unified_communications_manager | Cisco | 7.1(5b)su4 (including) | 7.1(5b)su4 (including) |
| Unified_communications_manager | Cisco | 8.0 (including) | 8.0 (including) |
| Unified_communications_manager | Cisco | 8.0(1) (including) | 8.0(1) (including) |
| Unified_communications_manager | Cisco | 8.0(2) (including) | 8.0(2) (including) |
| Unified_communications_manager | Cisco | 8.0(2a) (including) | 8.0(2a) (including) |
| Unified_communications_manager | Cisco | 8.0(2b) (including) | 8.0(2b) (including) |
| Unified_communications_manager | Cisco | 8.0(2c) (including) | 8.0(2c) (including) |
| Unified_communications_manager | Cisco | 8.0(3) (including) | 8.0(3) (including) |
| Unified_communications_manager | Cisco | 8.0(3a) (including) | 8.0(3a) (including) |
| Unified_communications_manager | Cisco | 8.5(1)su1 (including) | 8.5(1)su1 (including) |
| Unified_communications_manager | Cisco | 8.5(1)su2 (including) | 8.5(1)su2 (including) |
| Unified_communications_manager | Cisco | 8.5(1)su3 (including) | 8.5(1)su3 (including) |
| Ios | Cisco | 12.2 (including) | 12.2 (including) |
| Ios | Cisco | 12.2b (including) | 12.2b (including) |
| Ios | Cisco | 12.2bc (including) | 12.2bc (including) |
| Ios | Cisco | 12.2bw (including) | 12.2bw (including) |
| Ios | Cisco | 12.2bx (including) | 12.2bx (including) |
| Ios | Cisco | 12.2by (including) | 12.2by (including) |
| Ios | Cisco | 12.2bz (including) | 12.2bz (including) |
| Ios | Cisco | 12.2ca (including) | 12.2ca (including) |
| Ios | Cisco | 12.2cx (including) | 12.2cx (including) |
| Ios | Cisco | 12.2cy (including) | 12.2cy (including) |
| Ios | Cisco | 12.2cz (including) | 12.2cz (including) |
| Ios | Cisco | 12.2da (including) | 12.2da (including) |
| Ios | Cisco | 12.2dd (including) | 12.2dd (including) |
| Ios | Cisco | 12.2dx (including) | 12.2dx (including) |
| Ios | Cisco | 12.2ew (including) | 12.2ew (including) |
| Ios | Cisco | 12.2ewa (including) | 12.2ewa (including) |
| Ios | Cisco | 12.2ex (including) | 12.2ex (including) |
| Ios | Cisco | 12.2ey (including) | 12.2ey (including) |
| Ios | Cisco | 12.2ez (including) | 12.2ez (including) |
| Ios | Cisco | 12.2fx (including) | 12.2fx (including) |
| Ios | Cisco | 12.2fy (including) | 12.2fy (including) |
| Ios | Cisco | 12.2fz (including) | 12.2fz (including) |
| Ios | Cisco | 12.2irb (including) | 12.2irb (including) |
| Ios | Cisco | 12.2ixa (including) | 12.2ixa (including) |
| Ios | Cisco | 12.2ixb (including) | 12.2ixb (including) |
| Ios | Cisco | 12.2ixc (including) | 12.2ixc (including) |
| Ios | Cisco | 12.2ixd (including) | 12.2ixd (including) |
| Ios | Cisco | 12.2ixe (including) | 12.2ixe (including) |
| Ios | Cisco | 12.2ixf (including) | 12.2ixf (including) |
| Ios | Cisco | 12.2ixg (including) | 12.2ixg (including) |
| Ios | Cisco | 12.2l (including) | 12.2l (including) |
| Ios | Cisco | 12.2mb (including) | 12.2mb (including) |
| Ios | Cisco | 12.2rc (including) | 12.2rc (including) |
| Ios | Cisco | 12.2s (including) | 12.2s (including) |
| Ios | Cisco | 12.2sb (including) | 12.2sb (including) |
| Ios | Cisco | 12.2sbc (including) | 12.2sbc (including) |
| Ios | Cisco | 12.2sca (including) | 12.2sca (including) |
| Ios | Cisco | 12.2scb (including) | 12.2scb (including) |
| Ios | Cisco | 12.2se (including) | 12.2se (including) |
| Ios | Cisco | 12.2sea (including) | 12.2sea (including) |
| Ios | Cisco | 12.2seb (including) | 12.2seb (including) |
| Ios | Cisco | 12.2sec (including) | 12.2sec (including) |
| Ios | Cisco | 12.2sed (including) | 12.2sed (including) |
| Ios | Cisco | 12.2see (including) | 12.2see (including) |
| Ios | Cisco | 12.2sef (including) | 12.2sef (including) |
| Ios | Cisco | 12.2seg (including) | 12.2seg (including) |
| Ios | Cisco | 12.2sg (including) | 12.2sg (including) |
| Ios | Cisco | 12.2sga (including) | 12.2sga (including) |
| Ios | Cisco | 12.2sm (including) | 12.2sm (including) |
| Ios | Cisco | 12.2sr (including) | 12.2sr (including) |
| Ios | Cisco | 12.2sra (including) | 12.2sra (including) |
| Ios | Cisco | 12.2srb (including) | 12.2srb (including) |
| Ios | Cisco | 12.2src (including) | 12.2src (including) |
| Ios | Cisco | 12.2su (including) | 12.2su (including) |
| Ios | Cisco | 12.2sv (including) | 12.2sv (including) |
| Ios | Cisco | 12.2sva (including) | 12.2sva (including) |
| Ios | Cisco | 12.2svc (including) | 12.2svc (including) |
| Ios | Cisco | 12.2svd (including) | 12.2svd (including) |
| Ios | Cisco | 12.2sve (including) | 12.2sve (including) |
| Ios | Cisco | 12.2sw (including) | 12.2sw (including) |
| Ios | Cisco | 12.2sx (including) | 12.2sx (including) |
| Ios | Cisco | 12.2sxa (including) | 12.2sxa (including) |
| Ios | Cisco | 12.2sxb (including) | 12.2sxb (including) |
| Ios | Cisco | 12.2sxd (including) | 12.2sxd (including) |
| Ios | Cisco | 12.2sxe (including) | 12.2sxe (including) |
| Ios | Cisco | 12.2sxf (including) | 12.2sxf (including) |
| Ios | Cisco | 12.2sxi (including) | 12.2sxi (including) |
| Ios | Cisco | 12.2sy (including) | 12.2sy (including) |
| Ios | Cisco | 12.2sz (including) | 12.2sz (including) |
| Ios | Cisco | 12.2t (including) | 12.2t (including) |
| Ios | Cisco | 12.2tpc (including) | 12.2tpc (including) |
| Ios | Cisco | 12.2xa (including) | 12.2xa (including) |
| Ios | Cisco | 12.2xb (including) | 12.2xb (including) |
| Ios | Cisco | 12.2xc (including) | 12.2xc (including) |
| Ios | Cisco | 12.2xd (including) | 12.2xd (including) |
| Ios | Cisco | 12.2xe (including) | 12.2xe (including) |
| Ios | Cisco | 12.2xf (including) | 12.2xf (including) |
| Ios | Cisco | 12.2xg (including) | 12.2xg (including) |
| Ios | Cisco | 12.2xh (including) | 12.2xh (including) |
| Ios | Cisco | 12.2xi (including) | 12.2xi (including) |
| Ios | Cisco | 12.2xj (including) | 12.2xj (including) |
| Ios | Cisco | 12.2xk (including) | 12.2xk (including) |
| Ios | Cisco | 12.2xl (including) | 12.2xl (including) |
| Ios | Cisco | 12.2xm (including) | 12.2xm (including) |
| Ios | Cisco | 12.2xn (including) | 12.2xn (including) |
| Ios | Cisco | 12.2xnb (including) | 12.2xnb (including) |
| Ios | Cisco | 12.2xnc (including) | 12.2xnc (including) |
| Ios | Cisco | 12.2xnd (including) | 12.2xnd (including) |
| Ios | Cisco | 12.2xo (including) | 12.2xo (including) |
| Ios | Cisco | 12.2xq (including) | 12.2xq (including) |
| Ios | Cisco | 12.2xr (including) | 12.2xr (including) |
| Ios | Cisco | 12.2xs (including) | 12.2xs (including) |
| Ios | Cisco | 12.2xt (including) | 12.2xt (including) |
| Ios | Cisco | 12.2xu (including) | 12.2xu (including) |
| Ios | Cisco | 12.2xv (including) | 12.2xv (including) |
| Ios | Cisco | 12.2xw (including) | 12.2xw (including) |
| Ios | Cisco | 12.2ya (including) | 12.2ya (including) |
| Ios | Cisco | 12.2yb (including) | 12.2yb (including) |
| Ios | Cisco | 12.2yc (including) | 12.2yc (including) |
| Ios | Cisco | 12.2yd (including) | 12.2yd (including) |
| Ios | Cisco | 12.2ye (including) | 12.2ye (including) |
| Ios | Cisco | 12.2yf (including) | 12.2yf (including) |
| Ios | Cisco | 12.2yg (including) | 12.2yg (including) |
| Ios | Cisco | 12.2yh (including) | 12.2yh (including) |
| Ios | Cisco | 12.2yj (including) | 12.2yj (including) |
| Ios | Cisco | 12.2yk (including) | 12.2yk (including) |
| Ios | Cisco | 12.2yl (including) | 12.2yl (including) |
| Ios | Cisco | 12.2ym (including) | 12.2ym (including) |
| Ios | Cisco | 12.2yn (including) | 12.2yn (including) |
| Ios | Cisco | 12.2yo (including) | 12.2yo (including) |
| Ios | Cisco | 12.2yp (including) | 12.2yp (including) |
| Ios | Cisco | 12.2yq (including) | 12.2yq (including) |
| Ios | Cisco | 12.2yr (including) | 12.2yr (including) |
| Ios | Cisco | 12.2ys (including) | 12.2ys (including) |
| Ios | Cisco | 12.2yt (including) | 12.2yt (including) |
| Ios | Cisco | 12.2yu (including) | 12.2yu (including) |
| Ios | Cisco | 12.2yv (including) | 12.2yv (including) |
| Ios | Cisco | 12.2yw (including) | 12.2yw (including) |
| Ios | Cisco | 12.2yx (including) | 12.2yx (including) |
| Ios | Cisco | 12.2yy (including) | 12.2yy (including) |
| Ios | Cisco | 12.2yz (including) | 12.2yz (including) |
| Ios | Cisco | 12.2za (including) | 12.2za (including) |
| Ios | Cisco | 12.2zb (including) | 12.2zb (including) |
| Ios | Cisco | 12.2zc (including) | 12.2zc (including) |
| Ios | Cisco | 12.2zd (including) | 12.2zd (including) |
| Ios | Cisco | 12.2ze (including) | 12.2ze (including) |
| Ios | Cisco | 12.2zf (including) | 12.2zf (including) |
| Ios | Cisco | 12.2zg (including) | 12.2zg (including) |
| Ios | Cisco | 12.2zh (including) | 12.2zh (including) |
| Ios | Cisco | 12.2zj (including) | 12.2zj (including) |
| Ios | Cisco | 12.2zl (including) | 12.2zl (including) |
| Ios | Cisco | 12.2zp (including) | 12.2zp (including) |
| Ios | Cisco | 12.2zu (including) | 12.2zu (including) |
| Ios | Cisco | 12.2zx (including) | 12.2zx (including) |
| Ios | Cisco | 12.2zy (including) | 12.2zy (including) |
| Ios | Cisco | 12.2zya (including) | 12.2zya (including) |
| Ios | Cisco | 12.3 (including) | 12.3 (including) |
| Ios | Cisco | 12.3b (including) | 12.3b (including) |
| Ios | Cisco | 12.3bc (including) | 12.3bc (including) |
| Ios | Cisco | 12.3bw (including) | 12.3bw (including) |
| Ios | Cisco | 12.3ja (including) | 12.3ja (including) |
| Ios | Cisco | 12.3jea (including) | 12.3jea (including) |
| Ios | Cisco | 12.3jeb (including) | 12.3jeb (including) |
| Ios | Cisco | 12.3jec (including) | 12.3jec (including) |
| Ios | Cisco | 12.3jk (including) | 12.3jk (including) |
| Ios | Cisco | 12.3jl (including) | 12.3jl (including) |
| Ios | Cisco | 12.3jx (including) | 12.3jx (including) |
| Ios | Cisco | 12.3t (including) | 12.3t (including) |
| Ios | Cisco | 12.3tpc (including) | 12.3tpc (including) |
| Ios | Cisco | 12.3va (including) | 12.3va (including) |
| Ios | Cisco | 12.3xa (including) | 12.3xa (including) |
| Ios | Cisco | 12.3xb (including) | 12.3xb (including) |
| Ios | Cisco | 12.3xc (including) | 12.3xc (including) |
| Ios | Cisco | 12.3xd (including) | 12.3xd (including) |
| Ios | Cisco | 12.3xe (including) | 12.3xe (including) |
| Ios | Cisco | 12.3xf (including) | 12.3xf (including) |
| Ios | Cisco | 12.3xg (including) | 12.3xg (including) |
| Ios | Cisco | 12.3xi (including) | 12.3xi (including) |
| Ios | Cisco | 12.3xk (including) | 12.3xk (including) |
| Ios | Cisco | 12.3xl (including) | 12.3xl (including) |
| Ios | Cisco | 12.3xq (including) | 12.3xq (including) |
| Ios | Cisco | 12.3xr (including) | 12.3xr (including) |
| Ios | Cisco | 12.3xs (including) | 12.3xs (including) |
| Ios | Cisco | 12.3xu (including) | 12.3xu (including) |
| Ios | Cisco | 12.3xw (including) | 12.3xw (including) |
| Ios | Cisco | 12.3xx (including) | 12.3xx (including) |
| Ios | Cisco | 12.3xy (including) | 12.3xy (including) |
| Ios | Cisco | 12.3xz (including) | 12.3xz (including) |
| Ios | Cisco | 12.3ya (including) | 12.3ya (including) |
| Ios | Cisco | 12.3yd (including) | 12.3yd (including) |
| Ios | Cisco | 12.3yf (including) | 12.3yf (including) |
| Ios | Cisco | 12.3yg (including) | 12.3yg (including) |
| Ios | Cisco | 12.3yh (including) | 12.3yh (including) |
| Ios | Cisco | 12.3yj (including) | 12.3yj (including) |
| Ios | Cisco | 12.3yk (including) | 12.3yk (including) |
| Ios | Cisco | 12.3ym (including) | 12.3ym (including) |
| Ios | Cisco | 12.3yq (including) | 12.3yq (including) |
| Ios | Cisco | 12.3ys (including) | 12.3ys (including) |
| Ios | Cisco | 12.3yt (including) | 12.3yt (including) |
| Ios | Cisco | 12.3yu (including) | 12.3yu (including) |
| Ios | Cisco | 12.3yx (including) | 12.3yx (including) |
| Ios | Cisco | 12.3yz (including) | 12.3yz (including) |
| Ios | Cisco | 12.3za (including) | 12.3za (including) |
| Ios | Cisco | 15.0 (including) | 15.0 (including) |
| Ios | Cisco | 15.0(1)s1 (including) | 15.0(1)s1 (including) |
| Ios | Cisco | 15.0(1)s2 (including) | 15.0(1)s2 (including) |
| Ios | Cisco | 15.0(1)se (including) | 15.0(1)se (including) |
| Ios | Cisco | 15.0m (including) | 15.0m (including) |
| Ios | Cisco | 15.0mr (including) | 15.0mr (including) |
| Ios | Cisco | 15.0mra (including) | 15.0mra (including) |
| Ios | Cisco | 15.0s (including) | 15.0s (including) |
| Ios | Cisco | 15.0sa (including) | 15.0sa (including) |
| Ios | Cisco | 15.0sg (including) | 15.0sg (including) |
| Ios | Cisco | 15.0xa (including) | 15.0xa (including) |
| Ios | Cisco | 15.0xo (including) | 15.0xo (including) |
| Ios | Cisco | 15.1 (including) | 15.1 (including) |
| Ios | Cisco | 15.1(1)xb1 (including) | 15.1(1)xb1 (including) |
| Ios | Cisco | 15.1(2)t (including) | 15.1(2)t (including) |
| Ios | Cisco | 15.1(3)t (including) | 15.1(3)t (including) |
| Ios | Cisco | 15.1(4)m (including) | 15.1(4)m (including) |
| Ios | Cisco | 15.1(4)m1 (including) | 15.1(4)m1 (including) |
| Ios | Cisco | 15.1ey (including) | 15.1ey (including) |
| Ios | Cisco | 15.1gc (including) | 15.1gc (including) |
| Ios | Cisco | 15.1m (including) | 15.1m (including) |
| Ios | Cisco | 15.1s (including) | 15.1s (including) |
| Ios | Cisco | 15.1t (including) | 15.1t (including) |
| Ios | Cisco | 15.1xb (including) | 15.1xb (including) |
| Ios | Cisco | 15.2 (including) | 15.2 (including) |
| Ios_xe | Cisco | 3.3.0sg (including) | 3.3.0sg (including) |
| Ios_xe | Cisco | 3.3.1s (including) | 3.3.1s (including) |
| Ios_xe | Cisco | 3.3.1sg (including) | 3.3.1sg (including) |
| Ios_xe | Cisco | 3.4.0as (including) | 3.4.0as (including) |
| Ios_xe | Cisco | 3.4.0s (including) | 3.4.0s (including) |
| Ios_xe | Cisco | 3.4.1s (including) | 3.4.1s (including) |
| Ios_xe | Cisco | 3.4.2s (including) | 3.4.2s (including) |
| Ios_xe | Cisco | 3.4.3s (including) | 3.4.3s (including) |
| Ios_xe | Cisco | 3.4.xs (including) | 3.4.xs (including) |
| Ios_xe | Cisco | 3.5.0s (including) | 3.5.0s (including) |
| Ios_xe | Cisco | 3.5.1s (including) | 3.5.1s (including) |
| Ios_xe | Cisco | 3.5.2s (including) | 3.5.2s (including) |
| Ios_xe | Cisco | 3.5.xs (including) | 3.5.xs (including) |
Input validation is a frequently-used technique for checking potentially dangerous inputs in order to ensure that the inputs are safe for processing within the code, or when communicating with other components. Input can consist of:
Data can be simple or structured. Structured data can be composed of many nested layers, composed of combinations of metadata and raw data, with other simple or structured data. Many properties of raw data or metadata may need to be validated upon entry into the code, such as:
Implied or derived properties of data must often be calculated or inferred by the code itself. Errors in deriving properties may be considered a contributing factor to improper input validation.