Cisco Bug: CSCvh68532 - ucsm Slow HTTP Denial of Service Attack CVE-2012-5568
Aug 13, 2019
- Cisco Unified Computing System
Known Affected Releases
Symptom: Some security scanners may flag the UCSM HTTP service as affected by the vulnerability identified by the following Common Vulnerabilities and Exposures (CVE) ID: CVE-2012-5568

Conditions: Apache is used and has mod_reqtimeout set. CVE-2012-5568 is related to Apache Tomcat. Cisco UCSM doesn't use Apache Tomcat; it uses the Apache web server, not Tomcat. Since 3.1(3a) UCSM has had:

    <IfModule reqtimeout_module>
    #LoadModule reqtimeout_module modules/mod_reqtimeout.so
    RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
    </IfModule>

These settings were introduced via CSCuc73891 and CSCuu27759. Some security scanners were still flagging the device as vulnerable even after this fix. Cisco has worked with the scanning companies and identified these reports as false positives.
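An added example, not part of Cisco's bug record: a simplified Python model of how mod_reqtimeout reads the RequestReadTimeout line quoted above, following the Apache documentation's description (the timeout grows by one second per MinRate bytes received, up to the maximum if one is given). The function names, the one-second simulation step and the one-hour horizon are assumptions of this sketch.

```python
import re

# Directive text as quoted in the bug record above.
DIRECTIVE = "RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500"

TOKEN = re.compile(r"(header|body)=(\d+)(?:-(\d+))?(?:,MinRate=(\d+))?", re.I)

def parse_request_read_timeout(line):
    """Return {stage: (initial_s, max_s or None, min_rate or None)}."""
    parts = line.split()
    if not parts or parts[0].lower() != "requestreadtimeout":
        raise ValueError("not a RequestReadTimeout directive")
    stages = {}
    for tok in parts[1:]:
        m = TOKEN.fullmatch(tok)
        if not m:
            raise ValueError(f"unrecognised token: {tok}")
        stage, initial, maximum, rate = m.groups()
        stages[stage.lower()] = (
            int(initial),
            int(maximum) if maximum else None,
            int(rate) if rate else None,
        )
    return stages

def deadline(stage_cfg, bytes_received):
    """Seconds the stage may last once bytes_received bytes have arrived."""
    initial, maximum, rate = stage_cfg
    if initial == 0:
        return None                      # a timeout of 0 disables the limit
    if not rate:
        return initial                   # fixed timeout, no extension
    allowed = initial + bytes_received // rate
    return min(allowed, maximum) if maximum is not None else allowed

def cutoff_second(stage_cfg, bytes_per_sec, horizon=3600):
    """Second at which a client that never finishes the stage is dropped.

    Returns None if the client is still within its allowance at `horizon`.
    """
    for t in range(1, horizon + 1):
        d = deadline(stage_cfg, bytes_per_sec * t)
        if d is not None and t >= d:
            return t
    return None

if __name__ == "__main__":
    cfg = parse_request_read_timeout(DIRECTIVE)
    for stage, rate in (("header", 1), ("header", 500), ("body", 1), ("body", 500)):
        print(stage, f"{rate} B/s ->", cutoff_second(cfg[stage], rate))
```

With the quoted settings, a client trickling one byte per second is dropped after 20 seconds in either stage, and no header phase lasts past 40 seconds regardless of rate.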