Lucene search

[email protected]CVE-2008-4543

HistoryOct 13, 2008 - 8:00 p.m.

CVE-2008-4543

2008-10-1320:00:02

CWE-399

[email protected]

web.nvd.nist.gov

cisco unity

cve-2008-4543

denial of service

session exhaustion

authentication

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.

Affected configurations

NVD

Node

ciscounityRange≤4.2\(1\)

ciscounityRange≤5.0\(1\)

ciscounityRange≤7.0\(2\)

ciscounityMatch4.0

ciscounityMatch4.0\(1\)

ciscounityMatch4.0\(2\)

ciscounityMatch4.0\(3\)

ciscounityMatch4.0\(3\)sr2

ciscounityMatch4.0\(4\)

ciscounityMatch4.0\(4\)sr1

ciscounityMatch4.0\(5\)

ciscounityMatch4.1\(1\)

ciscounityMatch5.0

ciscounityMatch7.0

CPENameOperatorVersion
cisco:unitycisco unityle4.2\(1\)
cisco:unitycisco unityle5.0\(1\)
cisco:unitycisco unityle7.0\(2\)
cisco:unitycisco unityeq4.0
cisco:unitycisco unityeq4.0\(1\)
cisco:unitycisco unityeq4.0\(2\)
cisco:unitycisco unityeq4.0\(3\)
cisco:unitycisco unityeq4.0\(4\)
cisco:unitycisco unityeq4.0\(5\)
cisco:unitycisco unityeq4.1\(1\)

CPE	Name	Operator	Version
cisco:unity	cisco unity	le	4.2\(1\)
cisco:unity	cisco unity	le	5.0\(1\)
cisco:unity	cisco unity	le	7.0\(2\)
cisco:unity	cisco unity	eq	4.0
cisco:unity	cisco unity	eq	4.0\(1\)
cisco:unity	cisco unity	eq	4.0\(2\)
cisco:unity	cisco unity	eq	4.0\(3\)
cisco:unity	cisco unity	eq	4.0\(4\)
cisco:unity	cisco unity	eq	4.0\(5\)
cisco:unity	cisco unity	eq	4.1\(1\)

Rows per page:

1-10 of 121

References

secunia.com/advisories/32187

securitytracker.com/id?1021013

www.cisco.com/en/US/products/products_security_response09186a0080a0d861.html

www.securityfocus.com/bid/31642

www.voipshield.com/research-details.php?id=128

www.vupen.com/english/advisories/2008/2771

exchange.xforce.ibmcloud.com/vulnerabilities/45743

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

6.8 Medium

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.3%

JSON

Related for CVE-2008-4543

prion1 cvelist1 nvd1 seebug1