Vulnerability CVE-2011-4486
Published: 2012-02-29   Modified: 2012-03-01

Description:
Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538.

Type:

CWE-399

 (Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Business edition 3000 software 
Cisco -> Business edition 5000 software 
Cisco -> Business edition 6000 software 
Cisco -> Unified communications manager 
Cisco -> Business edition 3000 
Cisco -> Business edition 5000 
Cisco -> Business edition 6000 

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-cucm
Copyright 2024, cxsecurity.com

 

Back to Top