CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
53.2%
The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unified_communications_manager | 7.0(1)su1 | cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.0(1)su1a | cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1a:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.0(2) | cpe:2.3:a:cisco:unified_communications_manager:7.0\(2\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.0(2a) | cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.0(2a)su1 | cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su1:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.0(2a)su2 | cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su2:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.1(2a) | cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.1(2a)su1 | cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\)su1:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.1(2b) | cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 7.1(2b)su1 | cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\)su1:*:*:*:*:*:*:* |