To exploit the vulnerability, an attacker must be able to send an SCCP request to the targeted system. The attacker may require access to trusted network segments to send network requests to the system. In some cases, the Cisco Unified Communications Manager system may be present on separate physical or logical networks, making network access difficult and increasing the complexity of an attack.
If an exploit is successful, the attacker could cause services on the Cisco Unified Communications Manager software to fail. Users may not be able to place additional calls or access other resources, interrupting operations. An administrator may need to intervene and restart the software manually.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.