Vulnerabilities > CVE-2010-2825 - Unspecified vulnerability in Cisco ACE 4710 and ACE Module

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

NVD

Published: 2010-08-17

Updated: 2011-07-26

Summary

Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569.

Vulnerable Configurations

Part	Description	Count
Hardware	Cisco Cisco ACE Module * Cisco Catalyst 6500 * Cisco Catalyst 7600 * Cisco ACE 4710 * Cisco ACE 4710 A1\(2.0\) Cisco ACE 4710 A1\(2.3\) Cisco ACE 4710 A1\(8.0\) Cisco ACE 4710 A3\(1.0\) Cisco ACE 4710 A3\(2.0\)	9

References

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4091d.shtml