Lucene search
CiscoCVE-2008-1748HistoryMay 16, 2008 - 12:54 p.m.
CVE-2008-1748
2008-05-1612:54:00
CWE-20
cisco
web.nvd.nist.gov
26
cve-2008-1748
cisco
unified communications
denial of service
sip
url validation
remote attackers
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.5
Confidence
High
EPSS
0.012
Percentile
85.2%
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
Affected configurations
Node
ciscounified_communications_managerRange4.1–4.1\(3\)sr7
ORciscounified_communications_managerRange4.2–4.2\(3\)sr4
ORciscounified_communications_managerRange4.3–4.3\(2\)
ORciscounified_communications_managerRange5.0–5.1\(3\)
ORciscounified_communications_managerRange6.0–6.1\(1\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-1748
2008-05-16 06:54:00
prion
prion
Code injection
2008-05-16 12:54:00
nvd
nvd
CVE-2008-1748
2008-05-16 12:54:00
cisco
cisco
Cisco Unified Communications Manager Denial of Service Vulnerabilities
2008-05-14 16:00:00
seebug
seebug
Cisco Unified Communications Manager多个拒绝服务漏洞
2008-05-17 00:00:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.5
Confidence
High
EPSS
0.012
Percentile
85.2%
Related for CVE-2008-1748