Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2009-2864

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/09/2009
Last modified:
09/04/2025

Description

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.

Impact

Vector 2.0
AV:N/AC:L/Au:N/C:N/I:N/A:C CVSS v2.0 Severity and Metrics:

Base Score: 7.80 HIGH
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Attack Vector (AV): Network
Attack Complexity (AC): Low
Authentication (Au): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Complete

Base Score 2.0
7.80
Severity 2.0
HIGH

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:cisco:unified_callmanager:5.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(2a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(3a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(4a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0\(4c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(1c\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(2a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.1\(2b\):*:*:*:*:*:*:*

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools