ID |
CVE-2008-3801
|
Summary |
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*
-
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.1 (as of 02-06-2022 - 17:12) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-noinfo |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
oval
via4
|
accepted | 2010-08-02T04:00:09.260-04:00 | class | vulnerability | contributors | name | Yuzheng Zhou | organization | Hewlett-Packard |
name | KASHIF LATIF | organization | DTCC |
| description | Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | family | ios | id | oval:org.mitre.oval:def:6047 | status | accepted | submitted | 2008-09-24T11:06:36.000-04:00 | title | Cisco IOS Session Initiation Protocol Denial of Service Vulnerability | version | 8 |
|
refmap
via4
|
bid | 31367 | cisco | - 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
- 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities
| sectrack | | secunia | | vupen | - ADV-2008-2670
- ADV-2008-2671
|
|
Last major update |
02-06-2022 - 17:12 |
Published |
26-09-2008 - 16:21 |
Last modified |
02-06-2022 - 17:12 |