Vulnerability Details CVE-2008-1748
Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.6%
CVSS Severity
CVSS v2 Score 7.8
References
- http://secunia.com/advisories/30238
- http://securitytracker.com/id?1020022
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml
- http://www.securityfocus.com/bid/29221
- http://www.vupen.com/english/advisories/2008/1533
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42419
- http://secunia.com/advisories/30238
- http://securitytracker.com/id?1020022
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml
- http://www.securityfocus.com/bid/29221
- http://www.vupen.com/english/advisories/2008/1533
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42419
Products affected by CVE-2008-1748
-
cpe:2.3:a:cisco:unified_communications_manager:4.1
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr1
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr2
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr3
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr4
-
cpe:2.3:a:cisco:unified_communications_manager:4.1(3)sr6
-
cpe:2.3:a:cisco:unified_communications_manager:4.2
-
cpe:2.3:a:cisco:unified_communications_manager:4.2(3)sr3
-
cpe:2.3:a:cisco:unified_communications_manager:4.3
-
cpe:2.3:a:cisco:unified_communications_manager:4.3(1)
-
cpe:2.3:a:cisco:unified_communications_manager:5.0
-
cpe:2.3:a:cisco:unified_communications_manager:5.1
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(1)
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(1b)
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(1c)
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(2)
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(2a)
-
cpe:2.3:a:cisco:unified_communications_manager:5.1(2b)
-
cpe:2.3:a:cisco:unified_communications_manager:6.0
-
cpe:2.3:a:cisco:unified_communications_manager:6.0(1)
-
cpe:2.3:a:cisco:unified_communications_manager:6.0(1a)
-
cpe:2.3:a:cisco:unified_communications_manager:6.0(1b)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1