A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition.
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2020-11-06T18:16:31.678368Z
Updated: 2024-11-13T17:43:05.265Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3574
Vulnrichment
Updated: 2024-08-04T07:37:55.701Z
NVD
Status : Modified
Published: 2020-11-06T19:15:14.847
Modified: 2024-11-21T05:31:20.600
Link: CVE-2020-3574
Redhat
No data.