Lucene search

K
cve[email protected]CVE-2010-2840
HistoryAug 26, 2010 - 9:00 p.m.

CVE-2010-2840

2010-08-2621:00:01
CWE-20
web.nvd.nist.gov
19
cisco
unified presence
pe service
denial of service
sip
vulnerability
cve-2010-2840

6.7 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.003 Low

EPSS

Percentile

65.8%

The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.

Affected configurations

NVD
Node
ciscounified_presence_serverMatch6.0
OR
ciscounified_presence_serverMatch6.0\(2\)
OR
ciscounified_presence_serverMatch6.0\(3\)
OR
ciscounified_presence_serverMatch6.0\(4\)
OR
ciscounified_presence_serverMatch6.0\(5\)
OR
ciscounified_presence_serverMatch6.0\(6\)
OR
ciscounified_presence_serverMatch7.0
OR
ciscounified_presence_serverMatch7.0\(2\)
OR
ciscounified_presence_serverMatch7.0\(3\)
OR
ciscounified_presence_serverMatch7.0\(4\)
OR
ciscounified_presence_serverMatch7.0\(5\)
OR
ciscounified_presence_serverMatch7.0\(6\)
OR
ciscounified_presence_serverMatch7.0\(7\)
Node
ciscounified_presence_serverMatch6.0\(2.1101\)
OR
ciscounified_presence_serverMatch6.0\(3.1101-2\)
OR
ciscounified_presence_serverMatch6.0\(4.1101-5\)
OR
ciscounified_presence_serverMatch6.0\(5.1101-1\)
OR
ciscounified_presence_serverMatch6.0\(5.1103-2\)
OR
ciscounified_presence_serverMatch6.0.5.1102-1
OR
ciscounified_presence_serverMatch7.0.3.10102-3
OR
ciscounified_presence_serverMatch7.0.3.10103-2
OR
ciscounified_presence_serverMatch7.0.4.10101-2

6.7 Medium

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.003 Low

EPSS

Percentile

65.8%