Lucene search

[email protected]CVE-2010-4686

HistoryJan 07, 2011 - 7:00 p.m.

CVE-2010-4686

2011-01-0719:00:20

CWE-400

[email protected]

web.nvd.nist.gov

cisco

callmanager

cme

ios

denial of service

dos

sip trunk

vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.8%

JSON

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a “peculiar” request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950.

Affected configurations

NVD

Node

ciscoiosRange<15.0\(1\)xa1

CPENameOperatorVersion
cisco:ioscisco ioslt15.0\(1\)xa1

CPE	Name	Operator	Version
cisco:ios	cisco ios	lt	15.0\(1\)xa1

References

www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf

www.securityfocus.com/bid/45769

exchange.xforce.ibmcloud.com/vulnerabilities/64585

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.8%

JSON

Related for CVE-2010-4686

nvd1 cvelist1 prion1