FKIE_CVE-2010-2837

Vulnerability from fkie_nvd - Published: 2010-08-26 21:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310.
References
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b43908.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.vupen.com/english/advisories/2010/2187
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43908.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/2187
Impacted products
Vendor Product Version
cisco unified_communications_manager *
cisco unified_communications_manager 6.1\(1\)
cisco unified_communications_manager 6.1\(1a\)
cisco unified_communications_manager 6.1\(1b\)
cisco unified_communications_manager 6.1\(2\)
cisco unified_communications_manager 6.1\(2\)su1
cisco unified_communications_manager 6.1\(2\)su1a
cisco unified_communications_manager 6.1\(3\)
cisco unified_communications_manager 6.1\(3a\)
cisco unified_communications_manager 6.1\(3b\)
cisco unified_communications_manager 6.1\(3b\)su1
cisco unified_communications_manager 6.1\(4\)
cisco unified_communications_manager 6.1\(4\)su1
cisco unified_communications_manager 6.1\(4a\)
cisco unified_communications_manager 6.1\(4a\)su2
cisco unified_communications_manager *
cisco unified_communications_manager 7.0\(1\)su1
cisco unified_communications_manager 7.0\(1\)su1a
cisco unified_communications_manager 7.0\(2\)
cisco unified_communications_manager 7.0\(2a\)
cisco unified_communications_manager 7.0\(2a\)su1
cisco unified_communications_manager *
cisco unified_communications_manager 7.1\(2a\)
cisco unified_communications_manager 7.1\(2a\)su1
cisco unified_communications_manager 7.1\(2b\)
cisco unified_communications_manager 7.1\(2b\)su1
cisco unified_communications_manager 7.1\(3\)
cisco unified_communications_manager 7.1\(3a\)
cisco unified_communications_manager 7.1\(3a\)su1
cisco unified_communications_manager 7.1\(3a\)su1a
cisco unified_communications_manager 7.1\(3b\)
cisco unified_communications_manager 7.1\(3b\)su1
cisco unified_communications_manager 7.1\(3b\)su2
cisco unified_communications_manager 7.1\(5\)
cisco unified_communications_manager 7.1\(5\)su1
cisco unified_communications_manager 7.1\(5a\)
cisco unified_communications_manager 7.1\(5b\)
cisco unified_communications_manager 8.0\(2c\)
cisco unified_communications_manager 8.0\(2c\)su1
cisco unified_communications_manager 8.0\(3\)
To clipboard Create KEV Entry 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FFB7FB9-0DDA-4F14-B372-68B84F9936F3",
              "versionEndIncluding": "6.1\\(5\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6CC94003-72B6-45C3-A07E-0A08F1562B6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "958A2707-0F1A-4719-BB9F-DC9ED129105A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "48A8EE9A-458D-4619-B04D-F01A9934DC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2B7439-8547-41A6-AE6C-6ABCD167890E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF3EB2A0-6907-4260-BBF1-D8E6E40827FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BE122F76-ECDB-4446-825C-EF02257D8C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "44280E56-C151-4C08-804D-001F91FF2AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BD968A56-9539-4699-9099-0F220D283CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CEBB9B-2B43-44C2-BC93-55E58C24CED4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2597F4-9B5B-4E2E-8DA5-40D769CC57B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "665ACEFC-B989-42AB-BAB4-2C273CF2B702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4F9ABF04-C732-4509-8589-F58E1D5F66E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D899431-7C91-4CB4-9CBA-D5BA34B7B330",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5536D6A1-B7F4-4A88-8609-6AA3DE15BAC2",
              "versionEndIncluding": "7.0\\(2a\\)su2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "72C54A10-998C-435F-B058-A6879CD608A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81D69D5-E669-4DBC-A76B-E9C30A239A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FCB47159-FA07-4317-B562-D7AB7C49E8F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8765E016-7C6F-4C36-A22C-78ED8666F7E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3D5254-3E67-452E-ADB3-204A66765952",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB76A56C-880B-4146-A023-3DCFF5D2C39F",
              "versionEndIncluding": "7.1\\(5\\)su1a",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B591E75E-040C-4D26-AF13-A4F87E048579",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22B2CDE-DB49-402D-8BF2-B9458D907DDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "18986D7E-E1E6-46EB-A247-2A98224FC122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFAAC2E8-B548-4940-9492-DEAB574E7CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "46BDD926-7F96-46C5-AD9C-40B7D3C78340",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7BA63076-B8A1-4672-99F3-703F7838F3A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EADE6FA-40F8-4BEB-ABDB-77D4C0E587BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F84676C-75A5-48D2-889D-B48EC724336F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA15D48-A0DE-4091-8C78-666E98B488C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3038823F-C32D-4C1B-8228-D14B35535297",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "617E82C3-1CB1-46B2-BCFE-94BF9DBDD1D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2ECDCE1A-176D-46E0-9C39-19FAD7B57892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6856A2A-55F4-4785-BEC1-54295D7D9CD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F61FD826-A08E-477C-AA57-359B10387035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9EDB91-350B-4ED4-A177-257023380C44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C09FE52A-E0AF-4B0F-A44E-4362E26A88D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9AD0704-6F85-4E64-88D4-73E8BB2BEF4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "07EF7BE6-2702-4174-A8AA-AFD44014F8A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n SIPStationInit en Cisco Unified Communications Manager (tambi\u00e9n conocida como CUCM, anteriormente CallManager) v6.1SU anterior a v6.1(5)SU1, v7.0SU anterior a v7.0(2a)SU3, v7.1SU anterior a v7.1(3b)SU2, v7.1 anterior a v7.1(5), y v8.0 anterior a v8.0(1), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo de proceso) a trav\u00e9s de un mensaje SIP mal formado, tambi\u00e9n conocido como Bug ID CSCtd17310."
    }
  ],
  "evaluatorSolution": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43908.shtml\r\n\r\n\u0027Cisco bug ID CSCtd17310 and has been assigned the CVE identifier CVE-2010-2837. This vulnerability is fixed in Cisco Unified Communications Manager versions 6.1(5)SU1, 7.0(2a)SU3, 7.1(3b)SU2, 7.1(5) and 8.0(1). Cisco Unified Communications Manager version 4.x is not affected.\u0027",
  "id": "CVE-2010-2837",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-08-26T21:00:01.450",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43908.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2010/2187"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43908.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2187"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.