For customers who do not use SIP in their environment, there is a
workaround for these vulnerabilities. Cisco Unified Communication Manager
versions 6.1(4), 7.1(2) and 8.0(1) introduced the ability to disable SIP
processing. SIP processing is enabled by default. Use the following
instructions to disable SIP processing:
Step 1: Log into the Cisco Unified CM Administration
Step 2: Navigate to System > Service
Parameters and select the appropriate Cisco Unified Communications
Manager server and the "Cisco CallManager" service.
Step 3: Change the "SIP Interoperability Enabled"
parameter to False, and click Save.
Note: For a SIP processing change to take effect, the
Cisco CallManager Service must be restarted. For information on how to restart
the service, refer to the "Restarting the Cisco CallManager Service" section of
the document at:
It is possible to mitigate these vulnerabilities by implementing
filtering on screening devices and permitting access to TCP ports 5060 and 5061
and UDP ports 5060 and 5061 only from networks that require SIP access to Cisco
Unified Communications Manager servers.
Additional mitigations that can be deployed on Cisco devices in the
network are available in the companion document "Cisco Applied Mitigation
Bulletin: Identifying and Mitigating Exploitation of the Multiple
Vulnerabilities in Cisco Voice Products", which is available at the following