Lucene search

CiscoCVE-2009-0057

HistoryJan 22, 2009 - 6:30 p.m.

CVE-2009-0057

2009-01-2218:30:03

CWE-20

cisco

web.nvd.nist.gov

cisco

unified communications manager

capf service

denial of service

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.023

Percentile

89.6%

JSON

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the “client terminates prematurely.”

Affected configurations

Nvd

Node

ciscounified_communications_managerMatch5.0

ciscounified_communications_managerMatch5.0_1

ciscounified_communications_managerMatch5.0_2

ciscounified_communications_managerMatch5.0_3

ciscounified_communications_managerMatch5.0_3a

ciscounified_communications_managerMatch5.0_4

ciscounified_communications_managerMatch5.0_4a

ciscounified_communications_managerMatch5.0_4a_su1

ciscounified_communications_managerMatch5.1

ciscounified_communications_managerMatch5.1\(1\)

ciscounified_communications_managerMatch5.1\(2\)

ciscounified_communications_managerMatch5.1\(2a\)

ciscounified_communications_managerMatch5.1\(2b\)

ciscounified_communications_managerMatch5.1\(3a\)

ciscounified_communications_managerMatch5.15.1\(1\)

ciscounified_communications_managerMatch5.15.1_\(2a\)

ciscounified_communications_managerMatch5.1\(1\)

ciscounified_communications_managerMatch5.1\(2\)

ciscounified_communications_managerMatch5.1\(3c\)

ciscounified_communications_managerMatch5.1.2

ciscounified_communications_managerMatch5.1_\(2a\)

ciscounified_communications_managerMatch5.1_1

ciscounified_communications_managerMatch5.1_2

ciscounified_communications_managerMatch5.1_2a

ciscounified_communications_managerMatch5.1_2b

ciscounified_communications_managerMatch5.1_3a

ciscounified_communications_managerMatch6.0

ciscounified_communications_managerMatch6.0\(1\)

ciscounified_communications_managerMatch6.0\(1a\)

ciscounified_communications_managerMatch6.0_1

ciscounified_communications_managerMatch6.0_1a

ciscounified_communications_managerMatch6.1

ciscounified_communications_managerMatch6.1\(1a\)

ciscounified_communications_managerMatch6.1\(2\)

ciscounified_communications_managerMatch6.1.0

ciscounified_communications_managerMatch6.1_1a

VendorProductVersionCPE
ciscounified_communications_manager5.0cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_1cpe:2.3:a:cisco:unified_communications_manager:5.0_1:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_2cpe:2.3:a:cisco:unified_communications_manager:5.0_2:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_3cpe:2.3:a:cisco:unified_communications_manager:5.0_3:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_3acpe:2.3:a:cisco:unified_communications_manager:5.0_3a:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_4cpe:2.3:a:cisco:unified_communications_manager:5.0_4:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_4acpe:2.3:a:cisco:unified_communications_manager:5.0_4a:*:*:*:*:*:*:*
ciscounified_communications_manager5.0_4a_su1cpe:2.3:a:cisco:unified_communications_manager:5.0_4a_su1:*:*:*:*:*:*:*
ciscounified_communications_manager5.1cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
ciscounified_communications_manager5.1cpe:2.3:a:cisco:unified_communications_manager:5.1:\(1\):*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_communications_manager	5.0	cpe:2.3:a:cisco:unified_communications_manager:5.0:::::::*
cisco	unified_communications_manager	5.0_1	cpe:2.3:a:cisco:unified_communications_manager:5.0_1:::::::*
cisco	unified_communications_manager	5.0_2	cpe:2.3:a:cisco:unified_communications_manager:5.0_2:::::::*
cisco	unified_communications_manager	5.0_3	cpe:2.3:a:cisco:unified_communications_manager:5.0_3:::::::*
cisco	unified_communications_manager	5.0_3a	cpe:2.3:a:cisco:unified_communications_manager:5.0_3a:::::::*
cisco	unified_communications_manager	5.0_4	cpe:2.3:a:cisco:unified_communications_manager:5.0_4:::::::*
cisco	unified_communications_manager	5.0_4a	cpe:2.3:a:cisco:unified_communications_manager:5.0_4a:::::::*
cisco	unified_communications_manager	5.0_4a_su1	cpe:2.3:a:cisco:unified_communications_manager:5.0_4a_su1:::::::*
cisco	unified_communications_manager	5.1	cpe:2.3:a:cisco:unified_communications_manager:5.1:::::::*
cisco	unified_communications_manager	5.1	cpe:2.3:a:cisco:unified_communications_manager:5.1:\(1\)::::::

Rows per page:

1-10 of 361

References

secunia.com/advisories/33588

www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml

www.securityfocus.com/bid/33379

www.securitytracker.com/id?1021620

www.vupen.com/english/advisories/2009/0213

exchange.xforce.ibmcloud.com/vulnerabilities/48139

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.7

Confidence

High

EPSS

0.023

Percentile

89.6%

JSON

Related for CVE-2009-0057