7.8
CVE-2008-2061
- EPSS 2.45%
- Veröffentlicht 26.06.2008 17:41:00
- Zuletzt bearbeitet 16.06.2026 22:53:01
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Unified Communications Manager Version >= 5.0 < 5.1\(3c\)
Cisco ≫ Unified Communications Manager Version >= 6.0 < 6.1\(2\)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.45% | 0.823 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/30848
http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml
http://www.securityfocus.com/bid/29933
http://www.securitytracker.com/id?1020360
http://www.vupen.com/english/advisories/2008/1933/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43349