CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
Confidence
High
EPSS
Percentile
86.2%
Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 12.4 | cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:* |
cisco | ios | 15.0 | cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:* |
cisco | ios | 15.1 | cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:* |
cisco | ios_xe | 2.5.0 | cpe:2.3:o:cisco:ios_xe:2.5.0:*:*:*:*:*:*:* |
cisco | ios_xe | 2.5.1 | cpe:2.3:o:cisco:ios_xe:2.5.1:*:*:*:*:*:*:* |
cisco | ios_xe | 2.5.2 | cpe:2.3:o:cisco:ios_xe:2.5.2:*:*:*:*:*:*:* |
cisco | ios_xe | 2.6.0 | cpe:2.3:o:cisco:ios_xe:2.6.0:*:*:*:*:*:*:* |
cisco | ios_xe | 2.6.1 | cpe:2.3:o:cisco:ios_xe:2.6.1:*:*:*:*:*:*:* |
cisco | ios_xe | 2.6.2 | cpe:2.3:o:cisco:ios_xe:2.6.2:*:*:*:*:*:*:* |
cisco | ios_xe | 3.1.0s | cpe:2.3:o:cisco:ios_xe:3.1.0s:*:*:*:*:*:*:* |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-cucm
tools.cisco.com/security/center/viewAlert.x?alertId=24129
www.cisco.com/en/US/products/products_security_advisory09186a0080b95d58.shtml
www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.shtml
www.securitytracker.com/id?1026110