CVE-2008-3801

high

Description

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047

http://www.vupen.com/english/advisories/2008/2671

http://www.vupen.com/english/advisories/2008/2670

http://www.securityfocus.com/bid/31367

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml

http://secunia.com/advisories/32013

http://secunia.com/advisories/31990

Details

Source: Mitre, NVD

Published: 2008-09-26

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 7.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High