Denial of Service Vulnerability in Cisco Unified Communications Manager
CVE-2007-5537

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Manager; Unified Callmanager
Vendor: CVE Published:; 18 October 2007

Summary

Cisco Unified Communications Manager (CUCM) and Unified CallManager versions prior to 5.1(2) are prone to a denial of service vulnerability. An attacker can exploit this by sending a high volume of SIP INVITE messages to UDP port 5060, resulting in resource exhaustion and causing the system to experience a kernel panic. This vulnerability exposes the affected systems to potential disruption of communication services, making timely updates and patches critical for maintaining system integrity.

References

http://www.securityfocus.com/bid/26105

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/37246

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2007/3532

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Oct 18, 2007
Vulnerability Reserved
Oct 17, 2007