CVE-2011-2560

Published: Aug 29, 2011Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.

Affected (14)

Products: Cisco: Unified Communications Manager

Cisco

1 product

Unified Communications Manager

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	Version 4.1(3)
Cisco Unified Communications Manager	Version 4.1(3)sr1
Cisco Unified Communications Manager	Version 4.1(3)sr2
Cisco Unified Communications Manager	Version 4.1(3)sr3
Cisco Unified Communications Manager	Version 4.1(3)sr4
Cisco Unified Communications Manager	Version 4.2.1
Cisco Unified Communications Manager	Version 4.2.2
Cisco Unified Communications Manager	Version 4.2.3
Cisco Unified Communications Manager	Version 4.2.3sr1
Cisco Unified Communications Manager	Version 4.2.3sr2
Cisco Unified Communications Manager	Version 4.2.3sr2b
Cisco Unified Communications Manager	Version 4.2
Cisco Unified Communications Manager	Version 4.3
Cisco Unified Communications Manager	Version 4.3(1)

Related CWEs

CWE-399

References (2)

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml

Source: psirt@cisco.com

Vendor Advisory

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.