Vulnerabilities > CVE-2010-0587 - Denial of Service vulnerability in Cisco Unified Communications Manager SCCP (CVE-2010-0587)

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

NVD

Published: 2010-03-05

Updated: 2010-03-05

Summary

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. Per:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml The following products are affected by vulnerabilities that are described in this advisory: * Cisco Unified Communications Manager 4.x * Cisco Unified Communications Manager 5.x * Cisco Unified Communications Manager 6.x * Cisco Unified Communications Manager 7.x

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Manager 4.1 Cisco Unified Communications Manager 4.1\(3\) Cisco Unified Communications Manager 4.1\(3\)Sr1 Cisco Unified Communications Manager 4.1\(3\)Sr2 Cisco Unified Communications Manager 4.1\(3\)Sr3 Cisco Unified Communications Manager 4.1\(3\)Sr4 Cisco Unified Communications Manager 4.1.1 Cisco Unified Communications Manager 4.1.2 Cisco Unified Communications Manager 4.1.3 Cisco Unified Communications Manager 4.2 Cisco Unified Communications Manager 4.2\(3\)Sr1 Cisco Unified Communications Manager 4.2\(3\)Sr2B Cisco Unified Communications Manager 4.2\(3\)Sr3 Cisco Unified Communications Manager 4.2\(3\)Sr4 Cisco Unified Communications Manager 4.2.1 Cisco Unified Communications Manager 4.2.2 Cisco Unified Communications Manager 4.2.3 Cisco Unified Communications Manager 4.2.3_Sr3 Cisco Unified Communications Manager 4.2.3Sr1 Cisco Unified Communications Manager 4.2.3Sr2 Cisco Unified Communications Manager 4.2.3Sr2B Cisco Unified Communications Manager 4.2_1 Cisco Unified Communications Manager 4.2_2 Cisco Unified Communications Manager 4.2_3 Cisco Unified Communications Manager 4.2_3Sr1 Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.3\(1\) Cisco Unified Communications Manager 4.3\(1\)Sr.1 Cisco Unified Communications Manager 4.3\(2\) Cisco Unified Communications Manager 4.3\(2\)Sr1 Cisco Unified Communications Manager 4.3.1 Cisco Unified Communications Manager 4.3_1 Cisco Unified Communications Manager 6.0 Cisco Unified Communications Manager 6.0\(1\) Cisco Unified Communications Manager 6.0\(1A\) Cisco Unified Communications Manager 6.1 Cisco Unified Communications Manager 6.1\(1\) Cisco Unified Communications Manager 6.1\(1A\) Cisco Unified Communications Manager 6.1\(1B\) Cisco Unified Communications Manager 6.1\(2\) Cisco Unified Communications Manager 6.1\(2\)Su1 Cisco Unified Communications Manager 6.1\(2\)Su1A Cisco Unified Communications Manager 6.1\(3\) Cisco Unified Communications Manager 6.1\(4\) Cisco Unified Communications Manager 6.1.0 Cisco Unified Communications Manager 7.0 Cisco Unified Communications Manager 7.0\(1\) Cisco Unified Communications Manager 7.0\(2\) Cisco Unified Communications Manager 7.1 Cisco Unified Communications Manager 8.0	60

Summary

Vulnerable Configurations

References