Published: 03/05/2011 Updated: 17/08/2017

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Subscribe to Unified Communications Manager

Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x prior to 6.1(5)su3, 7.x prior to 7.1(5b)su3, 8.0 prior to 8.0(3a)su2, and 8.5 prior to 8.5(1) allows remote malicious users to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified communications manager 6.1\\(1b\\)
cisco unified communications manager 6.0
cisco unified communications manager 6.1\\(1a\\)
cisco unified communications manager 6.1\\(3\\)
cisco unified communications manager 6.1\\(3a\\)
cisco unified communications manager 6.1\\(4\\)
cisco unified communications manager 6.1\\(1\\)
cisco unified communications manager 6.1\\(2\\)su1
cisco unified communications manager 6.1\\(3b\\)su1
cisco unified communications manager 6.1\\(4a\\)
cisco unified communications manager 6.1\\(4\\)su1
cisco unified communications manager 6.1\\(4a\\)su2
cisco unified communications manager 6.1\\(2\\)
cisco unified communications manager 6.1\\(2\\)su1a
cisco unified communications manager 6.1\\(3b\\)
cisco unified communications manager 6.1\\(5\\)
cisco unified communications manager 6.1\\(5\\)su1
cisco unified communications manager 6.1\\(5\\)su2
cisco unified communications manager 7.1\\(3a\\)su1
cisco unified communications manager 7.1\\(5\\)su1a
cisco unified communications manager 7.1\\(5\\)su1
cisco unified communications manager 7.0\\(1\\)su1a
cisco unified communications manager 7.0\\(2a\\)
cisco unified communications manager 7.1\\(3\\)
cisco unified communications manager 7.1\\(5\\)
cisco unified communications manager 7.1\\(3b\\)su2
cisco unified communications manager 7.0\\(2\\)
cisco unified communications manager 7.0\\(1\\)su1
cisco unified communications manager 7.1\\(2b\\)
cisco unified communications manager 7.1\\(2b\\)su1
cisco unified communications manager 7.1\\(3b\\)
cisco unified communications manager 7.1\\(3a\\)
cisco unified communications manager 7.1\\(5b\\)
cisco unified communications manager 7.1\\(5a\\)
cisco unified communications manager 7.1\\(2a\\)
cisco unified communications manager 7.1\\(2a\\)su1
cisco unified communications manager 7.1\\(3b\\)su1
cisco unified communications manager 7.1\\(3a\\)su1a
cisco unified communications manager 7.0\\(2a\\)su1
cisco unified communications manager 7.0\\(2a\\)su2
cisco unified communications manager 7.1\\(5b\\)su2
cisco unified communications manager 8.0\\(3a\\)su1
cisco unified communications manager 8.5
cisco unified communications manager 8.0\\(2c\\)
cisco unified communications manager 8.0\\(3a\\)
cisco unified communications manager 8.0\\(3\\)
cisco unified communications manager 8.0\\(2c\\)su1

Cisco Unified Communications Manager (previously known as Cisco CallManager) contains the following vulnerabilities: Three (3) denial of service (DoS) vulnerabilities that affect Session Initiation Protocol (SIP) services Directory transversal vulnerability Two (2) SQL injection vulnerabilities Cisco has released free software upd ...

CWE-399 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml http://www.securityfocus.com/bid/47609 http://secunia.com/advisories/44331 http://www.securitytracker.com/id?1025449 http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html http://www.vupen.com/english/advisories/2011/1122 https://exchange.xforce.ibmcloud.com/vulnerabilities/67122 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110427-cucm

CVE-2011-1604

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect