CVE-2008-1158

2008-05-1612:54:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.021

Percentile

89.3%

JSON

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.

Affected configurations

Nvd

Node

ciscounified_presenceMatch6.0

ciscounified_presence_serverMatch1.0

ciscounified_presence_serverMatch1.0\(1\)

ciscounified_presence_serverMatch1.0\(2\)

ciscounified_presence_serverMatch1.0\(3\)

VendorProductVersionCPE
ciscounified_presence6.0cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*
ciscounified_presence_server1.0cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*
ciscounified_presence_server1.0(1)cpe:2.3:a:cisco:unified_presence_server:1.0\(1\):*:*:*:*:*:*:*
ciscounified_presence_server1.0(2)cpe:2.3:a:cisco:unified_presence_server:1.0\(2\):*:*:*:*:*:*:*
ciscounified_presence_server1.0(3)cpe:2.3:a:cisco:unified_presence_server:1.0\(3\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_presence	6.0	cpe:2.3:a:cisco:unified_presence:6.0:::::::*
cisco	unified_presence_server	1.0	cpe:2.3:a:cisco:unified_presence_server:1.0:::::::*
cisco	unified_presence_server	1.0(1)	cpe:2.3:a:cisco:unified_presence_server:1.0\(1\):::::::*
cisco	unified_presence_server	1.0(2)	cpe:2.3:a:cisco:unified_presence_server:1.0\(2\):::::::*
cisco	unified_presence_server	1.0(3)	cpe:2.3:a:cisco:unified_presence_server:1.0\(3\):::::::*