Improper Input Validation

CVE-2013-1197

Medium

6.8/10

Summary

The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: SINGLE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: COMPLETE

CWE-20 - Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

Advisory Timeline

Published Apr 16, 2013

Improper Input Validation

CVE-2013-1197

Summary

CWE-20 - Improper Input Validation

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS