7.8

CVE-2008-2061

The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoUnified Communications Manager Version >= 5.0 < 5.1\(3c\)
CiscoUnified Communications Manager Version >= 6.0 < 6.1\(2\)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.45% 0.823
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/30848
Third Party Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml
Patch
Vendor Advisory
http://www.securityfocus.com/bid/29933
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020360
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2008/1933/references
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/43349
Third Party Advisory
VDB Entry