Search Results (Refine Search)
- CPE Product Version: cpe:/a:cisco:unified_communications_manager:4.2.3
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3453 |
Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959. Published: August 22, 2013; 6:55:05 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2011-2560 |
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162. Published: August 29, 2011; 11:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2838 |
The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305. Published: August 26, 2010; 5:00:01 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-2837 |
The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310. Published: August 26, 2010; 5:00:01 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-0592 |
The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800. Published: March 05, 2010; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2010-0587 |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. Published: March 05, 2010; 11:30:00 AM -0500 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-2054 |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689. Published: August 27, 2009; 1:00:01 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2009-2050 |
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. Published: August 27, 2009; 1:00:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-5537 |
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. Published: October 17, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2007-5538 |
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. Published: October 17, 2007; 8:17:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-4634 |
Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. Published: August 31, 2007; 7:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |