CVE-2011-4019

Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager (CUCM) 7.x, allows remote attackers to cause a denial of service (memory consumption) via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883.

CVSS v2.0 5.4 MEDIUM

5.4^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:N/A:C

Exploitability : 4.9 / Impact : 6.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151TCAVS.html
http://www.cisco.com/web/software/282074295/90289/cucm-readme-715bsu5.pdf
http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151TCAVS.html
http://www.cisco.com/web/software/282074295/90289/cucm-readme-715bsu5.pdf

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:ios:12.4:::::::*
	cpe:2.3:o:cisco:ios:15.0:::::::*
	cpe:2.3:o:cisco:ios:15.1:::::::*
	cpe:2.3:o:cisco:ios:15.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:cisco:unified_communications_manager:7.0:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1a:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(2\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su2:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.0_base:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1a:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su2:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1a:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5a\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\):::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1a:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su2:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su3:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su4:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su5:::::::*
	cpe:2.3:a:cisco:unified_communications_manager:7.1_base:::::::*

History

21 Nov 2024, 01:31

Type	Values Removed	Values Added
References	~~() http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151TCAVS.html -~~	() http://www.cisco.com/en/US/docs/ios/15_1/release/notes/151TCAVS.html -
References	~~() http://www.cisco.com/web/software/282074295/90289/cucm-readme-715bsu5.pdf -~~	() http://www.cisco.com/web/software/282074295/90289/cucm-readme-715bsu5.pdf -

Information

Published : 2012-05-03 10:11

Updated : 2024-11-21 01:31

NVD link : CVE-2011-4019

Mitre link : CVE-2011-4019

CVE.ORG link : CVE-2011-4019

JSON object : View

Products Affected

cisco

unified_communications_manager
ios

CWE

CWE-399

Resource Management Errors

5.4 /10