CVE-2009-2051
Published Aug 27, 2009
Last updated 3 years ago
Overview
- Description
- Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B48B0779-7796-45D2-8967-459F562A6243",
"versionEndExcluding": "5.1\\(3g\\)",
"versionStartIncluding": "5.0"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4",
"versionEndExcluding": "6.1\\(4\\)",
"versionStartIncluding": "6.1\\(1\\)"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96DB29BF-9A40-4591-BE41-C519B86C2EEF",
"versionEndExcluding": "7.1\\(2\\)",
"versionStartIncluding": "7.1"
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBB64D7E-7C96-4A3D-BA83-60EE8D5DFB21",
"versionEndIncluding": "12.4",
"versionStartIncluding": "12.2"
},
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "537031DB-5ADF-475E-BFFA-9092652BF2B6",
"versionEndIncluding": "15.1",
"versionStartIncluding": "15.0"
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DEE9D2D-BE50-4216-8F7E-CB6F46880E08",
"versionEndIncluding": "2.6.1",
"versionStartIncluding": "2.5.0"
}
],
"operator": "OR"
}
]
}
]