CVE-2020-3163

CWE-362Race Condition4 documents4 sources
Severity
5.9MEDIUM
EPSS
0.3%
top 42.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco Unified Contact Center EnterpriseCisco Unified Contact Center Enterprise
Timeline
PublishedFeb 19
Latest updateMay 24

Description

A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing inbound Live Data traffic. An attacker could exploit this vulnerability by sending multiple crafted Live Data packets to an affected device. A successful exploit could cause the affected device to run

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5cisco/cisco_unified_contact_center_enterpriseunspecifiedn/a

🔴Vulnerability Details

2
GHSA
GHSA-759q-wfqr-9x82: A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial o2022-05-24
CVEList
Cisco Unified Contact Center Enterprise Denial of Service Vulnerability2020-02-19

📋Vendor Advisories

1
Cisco
Cisco Unified Contact Center Enterprise Denial of Service Vulnerability2020-02-19
CVE-2020-3163 (MEDIUM CVSS 5.9) | A vulnerability in the Live Data se | cvebase.io