Vulnerability Details : CVE-2011-2564
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2011-2564
Probability of exploitation activity in the next 30 days: 0.56%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-2564
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2011-2564
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f533.shtml
Denial of Service Vulnerabilities in Cisco Intercompany Media Engine - CiscoVendor Advisory
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml
Cisco Unified Communications Manager Denial of Service Vulnerabilities - CiscoVendor Advisory
-
http://www.securitytracker.com/id?1025969
Cisco Intercompany Media Engine Bugs Let Remote Users Deny Service - SecurityTracker
Products affected by CVE-2011-2564
- cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(2c\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(2c\)su1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(3\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\)su1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\)su2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:intercompany_media_engine:8.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:intercompany_media_engine:8.0\(3\):*:*:*:*:*:*:*