Code injection

2013-05-0912:31:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

JSON

The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148.

CPENameOperatorVersion
unified_customer_voice_portaleq3.0 sr1
unified_customer_voice_portaleq4.2.0
unified_customer_voice_portaleq3.610 es1
unified_customer_voice_portaleq4.2 sr1
unified_customer_voice_portaleq<= 9.1
unified_customer_voice_portaleq7.2.0
unified_customer_voice_portaleq8.51.0
unified_customer_voice_portaleq9.0
unified_customer_voice_portaleq4.0
unified_customer_voice_portaleq7.0

Name	Operator	Version
unified_customer_voice_portal	eq	3.0 sr1
unified_customer_voice_portal	eq	4.2.0
unified_customer_voice_portal	eq	3.610 es1
unified_customer_voice_portal	eq	4.2 sr1
unified_customer_voice_portal	eq	<= 9.1
unified_customer_voice_portal	eq	7.2.0
unified_customer_voice_portal	eq	8.51.0
unified_customer_voice_portal	eq	9.0
unified_customer_voice_portal	eq	4.0
unified_customer_voice_portal	eq	7.0