CVE-2010-4687
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
07/01/2011
Last modified:
11/04/2025
Description
STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:* | 15.0\(1\)xa1 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf
- http://www.securityfocus.com/bid/45769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64584
- http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf
- http://www.securityfocus.com/bid/45769
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64584