Vulnerabilities > CVE-2010-0590 - Denial of Service vulnerability in Cisco Unified Communications Manager SIP Message (CVE-2010-0590)

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

NVD

Published: 2010-03-05

Updated: 2010-03-05

Summary

The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Manager 7.0 Cisco Unified Communications Manager 7.0\(1\) Cisco Unified Communications Manager 7.0\(2\) Cisco Unified Communications Manager 7.1 Cisco Unified Communications Manager 8.0	5

References

http://securitytracker.com/id?1023670
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml
http://www.securityfocus.com/bid/38495