Sig Name: CUCM CTI DoS

Unanswered Question
Jul 2nd, 2010
User Badges:

I am seeing Sig ID: 6799 Subsig 0 a lot on our 4215.

Sig Name: CUCM CTI DoS
Sig ID: 6799
Severity: Medium
Risk Rating: 66
Sig Version: S448

I am looking for more information regarding this alert, is this flase positive?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fringer Fri, 07/02/2010 - 11:26
User Badges:
  • Cisco Employee,

The best place to begin research on Cisco IPS signature issues is the Cisco IntelliShield site:

For this specific signature, the details are outlined here:

Details of the exploit detected are outlined here:

Without being able to see the traffic which triggered the signature it will not be possible to determine whether this is a false positivie or not.  Specific network conditions will assist more accurately determining the validity of the event.



This Discussion