Key Vulnerability Information

Title: Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability
Severity: High
Advisory ID: cisco-sa-voip-phone-flood-dos-YnU9EXOv
CVE ID: CVE-2020-3574
CWE ID: CWE-371
CVSS score: Base 7.5
Published: November 4, 2020 16:00 GMT
Last updated: January 19, 2021 17:34 GMT
Cisco Bug IDs: CSCvs66815, CSCvt83239, CSCvu36012, ... (more)
Related URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv

Vulnerability Summary

Description: A deficiency in the TCP packet processing functionality of Cisco IP Phones allows an unauthenticated, remote attacker to send a high rate of TCP traffic that causes the device to stop responding to incoming calls, drop connected calls, or reload unexpectedly.

Impact: By sending a high rate of TCP traffic to a targeted device, a remote attacker can cause it to stop responding to incoming calls, drop connected calls, or reload unexpectedly, resulting in a denial of service (DoS) condition.

Affected Products

Affected products: IP DECT 210 Multi-Cell Base Station (Multiplatform Firmware), IP DECT 6825 (Multiplatform Firmware), IP Phone 8811 Series (Multiplatform Firmware), IP Phone 8841 Series (Multiplatform Firmware), IP Phone 8851 Series (Multiplatform Firmware), IP Phone 8861 Series (Multiplatform Firmware), Unified IP Conference Phone 8831 for Third-Party Call Control, Webex Room Phone.

Products not affected: ATA 190 Analog Telephone Adapter, ATA 191 Analog Telephone Adapter, IP Conference Phone 7832, IP Conference Phone 7832 with Multiplatform Firmware, IP Conference Phone 8832, IP Conference Phone 8832 with Multiplatform Firmware, IP Phone 6800 Series (Multiplatform Firmware), IP Phone 6821 (Multiplatform Firmware), IP Phone 7800 Series, IP Phone 8800 Series, IP Phone 8800 Series (Multiplatform Firmware), SPA112 2-Port Phone Adapter, SPA122 Analog Telephone Adapter (ATA) with Router, SPA232D Multi-Line DECT Analog Telephone Adapter (ATA), SPA525G 5-Line IP Phone, Unified IP Phone 3905, Unified IP Phone 6901, Unified IP Phone 6911, Unified IP Phone 7900 Series, Wireless IP Phone 8821.

Solution

Firmware update: Cisco has released updated firmware that addresses this vulnerability.

Other: Customers should regularly check the Cisco Security Advisories page for new firmware releases and vulnerability information.

Additional Information

Workarounds: There are no workarounds that address this vulnerability.

Source: This vulnerability was found during the resolution of a Cisco TAC support case.

Revision history: The advisory records its revision history, including the dates and contents of the initial publication and subsequent updates.