Vulnerability Description
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Callmanager | 4.1 |
| Cisco | Unified Communications Manager | 4.1 |
| Cisco | Ios | 12.2 |
References
- http://secunia.com/advisories/31990Third Party Advisory
- http://secunia.com/advisories/32013Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.sVendor Advisory
- http://www.securityfocus.com/bid/31367Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1020939Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1020942Broken LinkThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2008/2670Permissions Required
- http://www.vupen.com/english/advisories/2008/2671Permissions Required
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://secunia.com/advisories/31990Third Party Advisory
- http://secunia.com/advisories/32013Third Party Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.sVendor Advisory
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.sVendor Advisory
- http://www.securityfocus.com/bid/31367Third Party AdvisoryVDB Entry
FAQ
What is CVE-2008-3801?
CVE-2008-3801 is a vulnerability with a CVSS score of 7.1 (HIGH). Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows rem...
How severe is CVE-2008-3801?
CVE-2008-3801 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3801?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Callmanager, Cisco Unified Communications Manager, Cisco Ios.