Vulnerability Description
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Callmanager | 4.1 |
| Cisco | Unified Communications Manager | 4.1 |
| Cisco | Ios | 12.2 |
References
- http://secunia.com/advisories/31990Third Party Advisory
- http://secunia.com/advisories/32013Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.sVendor Advisory
- http://www.securityfocus.com/bid/31367Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1020939Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1020942Broken LinkThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2008/2670Permissions Required
- http://www.vupen.com/english/advisories/2008/2671Permissions Required
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Broken Link
- http://secunia.com/advisories/31990Third Party Advisory
- http://secunia.com/advisories/32013Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.sVendor Advisory
- http://www.securityfocus.com/bid/31367Third Party AdvisoryVDB Entry
FAQ
What is CVE-2008-3800?
CVE-2008-3800 is a vulnerability with a CVSS score of 7.1 (HIGH). Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows rem...
How severe is CVE-2008-3800?
CVE-2008-3800 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3800?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Callmanager, Cisco Unified Communications Manager, Cisco Ios.