← Back

CVE-2008-1748

nvd nist
Published: May 16, 2008Modified: Apr 23, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.

Affected (5)

Cisco
1 product
Unified Communications Manager
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
From 4.1 to 4.1\(3\)sr7
Unified Communications Manager
From 4.2 to 4.2\(3\)sr4
Unified Communications Manager
From 4.3 to 4.3\(2\)
Unified Communications Manager
From 5.0 to 5.1\(3\)
Unified Communications Manager
From 6.0 to 6.1\(1\)

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (12)

Source: psirt@cisco.com
Third Party Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
PatchVendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Permissions Required
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.