4.3

CVE-2009-0057

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.89% 0.547
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/33588
Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml
Vendor Advisory
http://www.securityfocus.com/bid/33379
http://www.securitytracker.com/id?1021620
http://www.vupen.com/english/advisories/2009/0213
https://exchange.xforce.ibmcloud.com/vulnerabilities/48139