1. Home
  2. CVE Database
  3. CVE-2011-2072
HIGH · 7.8

CVE-2011-2072

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6...

Vulnerability Description

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686.

CVSS Score

7.8

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
CiscoIos12.4
CiscoIos Xe2.5.0
CiscoUnified Communications Manager6.0

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2011-2072?

CVE-2011-2072 is a vulnerability with a CVSS score of 7.8 (HIGH). Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6...

How severe is CVE-2011-2072?

CVE-2011-2072 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-2072?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Ios, Cisco Ios Xe, Cisco Unified Communications Manager.