- Description
- Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E"
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E"
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F"
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "373E71AE-C735-4476-A574-56C35BAD8DB0"
}
],
"operator": "OR"
}
]
}
]