CVE Vulnerabilities

CVE-2011-2560

Published: Aug 29, 2011 | Modified: Jun 15, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.

Affected Software

Name Vendor Start Version End Version
Unified_communications_manager Cisco 4.2.3sr2 4.2.3sr2
Unified_communications_manager Cisco 4.1(3)sr1 4.1(3)sr1
Unified_communications_manager Cisco 4.2.3sr1 4.2.3sr1
Unified_communications_manager Cisco 4.1(3)sr2 4.1(3)sr2
Unified_communications_manager Cisco 4.1(3) 4.1(3)
Unified_communications_manager Cisco 4.2 4.2
Unified_communications_manager Cisco 4.3 4.3
Unified_communications_manager Cisco 4.2.3 4.2.3
Unified_communications_manager Cisco 4.1(3)sr4 4.1(3)sr4
Unified_communications_manager Cisco 4.2.1 4.2.1
Unified_communications_manager Cisco 4.2.2 4.2.2
Unified_communications_manager Cisco 4.3(1) 4.3(1)
Unified_communications_manager Cisco 4.1(3)sr3 4.1(3)sr3
Unified_communications_manager Cisco 4.2.3sr2b 4.2.3sr2b

References