CVE-2008-1744

EPSS 1.04%
Veröffentlicht 16.05.2008 12:54:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle psirt@cisco.com
Teams Watchlist Login
Unerledigt Login

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Unified Callmanager Version4.1

Cisco ≫ Unified Callmanager Version4.1_3_sr4

Cisco ≫ Unified Callmanager Version4.1_3_sr5

Cisco ≫ Unified Callmanager Version4.1_3_sr5b

Cisco ≫ Unified Callmanager Version4.1_3_sr5c

Cisco ≫ Unified Communications Manager Version4.2_3_sr2

Cisco ≫ Unified Communications Manager Version4.2_3_sr2b

Cisco ≫ Unified Communications Manager Version4.2_3_sr3

Cisco ≫ Unified Communications Manager Version4.3

Cisco ≫ Unified Communications Manager Version4.3_1_sr1

Cisco ≫ Unified Communications Manager Version5.1_1

Cisco ≫ Unified Communications Manager Version5.1_2

Cisco ≫ Unified Communications Manager Version5.1_2a

Cisco ≫ Unified Communications Manager Version5.1_2b

Cisco ≫ Unified Communications Manager Version5.1_3a

Cisco ≫ Unified Communications Manager Version6.0

Cisco ≫ Unified Communications Manager Version6.0_1

Cisco ≫ Unified Communications Manager Version6.0_1a

Cisco ≫ Unified Communications Manager Version6.1

Cisco ≫ Unified Communications Manager Version6.1_1a

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.04%	0.754

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/30238

http://securitytracker.com/id?1020022

http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml

http://www.securityfocus.com/bid/29221

http://www.vupen.com/english/advisories/2008/1533

https://exchange.xforce.ibmcloud.com/vulnerabilities/42415

https://nvd.nist.gov/vuln/detail/CVE-2008-1744

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-1744

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-1744

EUVD