CVE-2011-2561

Severity

71%

Complexity

86%

Confidentiality

115%

The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.

The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.

CVSS 2.0 Base Score 7.1. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C).

Overview

Type

Cisco Unified Communications Manager

First reported 13 years ago

2011-08-29 15:55:00

Last updated 12 years ago

2012-06-15 04:00:00

Affected Software

Cisco Unified Communications Manager 7.0(1)su1

7.0\(1\)su1

Cisco Unified Communications Manager 7.0(1)su1a

7.0\(1\)su1a

Cisco Unified Communications Manager 7.0(2)

7.0\(2\)

Cisco Unified Communications Manager 7.0(2a)

7.0\(2a\)

Cisco Unified Communications Manager 7.0(2a)su1

7.0\(2a\)su1

Cisco Unified Communications Manager 7.0(2a)su2

7.0\(2a\)su2

Cisco Unified Communications Manager 7.1(2a)

7.1\(2a\)

Cisco Unified Communications Manager 7.1(2a)su1

7.1\(2a\)su1

Cisco Unified Communications Manager 7.1(2b)

7.1\(2b\)

Cisco Unified Communications Manager 7.1(2b)su1

7.1\(2b\)su1

Cisco Unified Communications Manager 7.1(3)

7.1\(3\)

Cisco Unified Communications Manager 7.1(3a)

7.1\(3a\)

Cisco Unified Communications Manager 7.1(3a)su1

7.1\(3a\)su1

Cisco Unified Communications Manager 7.1(3a)su1a

7.1\(3a\)su1a

Cisco Unified Communications Manager 7.1(3b)

7.1\(3b\)

Cisco Unified Communications Manager 7.1(3b)su1

7.1\(3b\)su1

Cisco Unified Communications Manager 7.1(3b)su2

7.1\(3b\)su2

Cisco Unified Communications Manager 7.1(5)

7.1\(5\)

Cisco Unified Communications Manager 7.1(5)su1

7.1\(5\)su1

Cisco Unified Communications Manager 7.1(5)su1a

7.1\(5\)su1a

Cisco Unified Communications Manager 7.1(5a)

7.1\(5a\)

Cisco Unified Communications Manager 7.1(5b)

7.1\(5b\)

Cisco Unified Communications Manager 7.1(5b)su1

7.1\(5b\)su1

Cisco Unified Communications Manager 7.1(5b)su1a

7.1\(5b\)su1a

Cisco Unified Communications Manager 7.1(5b)su2

7.1\(5b\)su2

Cisco Unified Communications Manager 7.1(5b)su3

7.1\(5b\)su3

Cisco Unified Communications Manager 8.0

8.0

References

20110824 Cisco Unified Communications Manager Denial of Service Vulnerabilities

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.