CVE-2007-0198 — Cisco IP Contact Center Enterprise vulnerability

CWE-3994 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

1.3%

top 20.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IP Contact Center Enterprise Cisco IP Contact Center Hosted Cisco Unified Contact Center Enterprise +1 more

Timeline

PublishedJan 11

Latest updateMay 1

Description

The JTapi Gateway process in Cisco Unified Contact Center Enterprise, Unified Contact Center Hosted, IP Contact Center Enterprise, and Cisco IP Contact Center Hosted 5.0 through 7.1 allows remote attackers to cause a denial of service (repeated process restart) via a certain TCP session on the JTapi server port.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

▶NVDcisco/unified_contact_center_hosted7.1+1

▶NVDcisco/unified_contact_center_enterprise7.1+1

▶NVDcisco/ip_contact_center_hosted7.1+1

▶NVDcisco/ip_contact_center_enterprise7.1+1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-hm86-6mqm-gjxf: The JTapi Gateway process in Cisco Unified Contact Center Enterprise, Unified Contact Center Hosted, IP Contact Center Enterprise, and Cisco IP Contac↗2022-05-01

▶

CVEList

CVE-2007-0198: The JTapi Gateway process in Cisco Unified Contact Center Enterprise, Unified Contact Center Hosted, IP Contact Center Enterprise, and Cisco IP Contac↗2007-01-11

▶

📋Vendor Advisories

Cisco

Cisco Unified Contact Center and IP Contact Center JTapi Gateway Denial of Service Vulnerability↗2007-01-10

▶