Vulnerability Description
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Communications Manager | >= 4.0, < 5.1\(3g\) |
Related Weaknesses (CWE)
References
- http://osvdb.org/57456Broken Link
- http://secunia.com/advisories/36498Broken Link
- http://secunia.com/advisories/36499Broken Link
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.sBroken LinkPatchVendor Advisory
- http://www.securityfocus.com/bid/36152Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1022775Broken LinkThird Party AdvisoryVDB Entry
- http://osvdb.org/57456Broken Link
- http://secunia.com/advisories/36498Broken Link
- http://secunia.com/advisories/36499Broken Link
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.sBroken LinkPatchVendor Advisory
- http://www.securityfocus.com/bid/36152Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1022775Broken LinkThird Party AdvisoryVDB Entry
FAQ
What is CVE-2009-2054?
CVE-2009-2054 is a vulnerability with a CVSS score of 7.8 (HIGH). Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a de...
How severe is CVE-2009-2054?
CVE-2009-2054 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2054?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Manager.