Vulnerability Details CVE-2010-0591
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.6%
CVSS Severity
CVSS v2 Score 7.8
References
- http://securitytracker.com/id?1023670
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml
- http://www.securityfocus.com/bid/38498
- http://securitytracker.com/id?1023670
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml
- http://www.securityfocus.com/bid/38498
Products affected by CVE-2010-0591
-
cpe:2.3:a:cisco:unified_communications_manager:6.0
-
cpe:2.3:a:cisco:unified_communications_manager:6.0(1)
-
cpe:2.3:a:cisco:unified_communications_manager:6.0(1a)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(1)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(1a)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(1b)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(2)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(2)su1
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(2)su1a
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(3)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1(4)
-
cpe:2.3:a:cisco:unified_communications_manager:6.1.0
-
cpe:2.3:a:cisco:unified_communications_manager:7.0
-
cpe:2.3:a:cisco:unified_communications_manager:7.0(1)
-
cpe:2.3:a:cisco:unified_communications_manager:7.0(2)
-
cpe:2.3:a:cisco:unified_communications_manager:7.1
-
cpe:2.3:a:cisco:unified_communications_manager:8.0