CVE-2011-2560

The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.

Published: Aug 29, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-2560
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	4.2.3sr2	4.2.3sr2.x
cisco / unified_communications_manager	4.1(3)sr1	4.1(3)sr1.x
cisco / unified_communications_manager	4.2.3sr1	4.2.3sr1.x
cisco / unified_communications_manager	4.1(3)sr2	4.1(3)sr2.x
cisco / unified_communications_manager	4.1(3)	4.1(3).x
cisco / unified_communications_manager	4.2	4.2.x
cisco / unified_communications_manager	4.3	4.3.x
cisco / unified_communications_manager	4.2.3	4.2.3.x
cisco / unified_communications_manager	4.1(3)sr4	4.1(3)sr4.x
cisco / unified_communications_manager	4.2.1	4.2.1.x
cisco / unified_communications_manager	4.2.2	4.2.2.x
cisco / unified_communications_manager	4.3(1)	4.3(1).x
cisco / unified_communications_manager	4.1(3)sr3	4.1(3)sr3.x
cisco / unified_communications_manager	4.2.3sr2b	4.2.3sr2b.x

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml

Vulnerability Database

289,689

CVE-2011-2560