CVE-2009-2864 : Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.

Published 2009-09-28 19:30:01

Updated 2025-04-09 00:30:58

Source Cisco Systems, Inc.

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2009-2864

Cisco » Unified Callmanager » Version: 5.0(1)
cpe:2.3:a:cisco:unified_callmanager:5.0\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(3a)
cpe:2.3:a:cisco:unified_callmanager:5.0\(3a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(2)
cpe:2.3:a:cisco:unified_callmanager:5.0\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(3)
cpe:2.3:a:cisco:unified_callmanager:5.0\(3\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(4)
cpe:2.3:a:cisco:unified_callmanager:5.0\(4\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1
cpe:2.3:a:cisco:unified_callmanager:5.1:*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(1c)
cpe:2.3:a:cisco:unified_callmanager:5.1\(1c\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(2)
cpe:2.3:a:cisco:unified_callmanager:5.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(1)
cpe:2.3:a:cisco:unified_callmanager:5.1\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.0(1)
cpe:2.3:a:cisco:unified_callmanager:6.0\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(1a)
cpe:2.3:a:cisco:unified_callmanager:5.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(3b)
cpe:2.3:a:cisco:unified_callmanager:5.1\(3b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(3c)
cpe:2.3:a:cisco:unified_callmanager:5.1\(3c\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.1(2)
cpe:2.3:a:cisco:unified_callmanager:6.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.1
cpe:2.3:a:cisco:unified_callmanager:6.1:*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(2a)
cpe:2.3:a:cisco:unified_callmanager:5.0\(2a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(2a)
cpe:2.3:a:cisco:unified_callmanager:5.1\(2a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(2b)
cpe:2.3:a:cisco:unified_callmanager:5.1\(2b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.0(1a)
cpe:2.3:a:cisco:unified_callmanager:6.0\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.0(1b)
cpe:2.3:a:cisco:unified_callmanager:6.0\(1b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(4a)
cpe:2.3:a:cisco:unified_callmanager:5.0\(4a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.0(4c)
cpe:2.3:a:cisco:unified_callmanager:5.0\(4c\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(3)
cpe:2.3:a:cisco:unified_callmanager:5.1\(3\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 5.1(3a)
cpe:2.3:a:cisco:unified_callmanager:5.1\(3a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.1(1)
cpe:2.3:a:cisco:unified_callmanager:6.1\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.1(1a)
cpe:2.3:a:cisco:unified_callmanager:6.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Callmanager » Version: 6.1(1b)
cpe:2.3:a:cisco:unified_callmanager:6.1\(1b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(2)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(3c)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3c\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(2)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(3d)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3d\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(1)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(3a)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 7.0(1)
cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(3)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(2)su1
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1:*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(2a)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(3)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(1a)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1a\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(1c)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1c\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 7.1
cpe:2.3:a:cisco:unified_communications_manager:7.1:*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(1b)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 7.0(2)
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 5.1(3e)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3e\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(1b)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1b\):*:*:*:*:*:*:*
Matching versions
Cisco » Unified Communications Manager » Version: 6.1(2)su1a
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1a:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2009-2864

EPSS FAQ

1.39%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 79 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2009-2864

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.8	HIGH	AV:N/AC:L/Au:N/C:N/I:N/A:C	10.0	6.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete

References for CVE-2009-2864

http://www.securityfocus.com/bid/36496
http://tools.cisco.com/security/center/viewAlert.x?alertId=18883

Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/53447
http://osvdb.org/58344
http://www.vupen.com/english/advisories/2009/2757

Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml

Vendor Advisory
http://secunia.com/advisories/36836

Vendor Advisory
http://www.securitytracker.com/id?1022931

Jump to

Vulnerability Details : CVE-2009-2864

Products affected by CVE-2009-2864

Exploit prediction scoring system (EPSS) score for CVE-2009-2864

CVSS scores for CVE-2009-2864

References for CVE-2009-2864