Vulnerability Name:

CVE-2009-2053 (CCN-52816)

Assigned:2009-08-26
Published:2009-08-26
Updated:2021-10-06
Summary:Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.
CVSS v3 Severity:7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2009-2053

Source: OSVDB
Type: Broken Link
57455

Source: CCN
Type: SA36495
Cisco Unified Communications Manager SIP Header Denial of Service

Source: CCN
Type: SA36498
Cisco Unified Communications Manager Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
36498

Source: CCN
Type: SA36499
Cisco Unified Communications Manager Denial of Service Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
36499

Source: CCN
Type: SECTRACK ID: 1022775
Cisco Unified Communications Manager SIP and SCCP Processing Bugs Let Remote Users Deny Service

Source: CCN
Type: Cisco Applied Mitigation Bulletin: Document ID: 110849
Identifying and Mitigating Exploitation of the Cisco Unified Communications Manager Denial of Service Vulnerabilities

Source: CISCO
Type: Patch, Vendor Advisory
20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities

Source: CCN
Type: cisco-sa-20090826-cucm
Cisco Unified Communications Manager Denial of Service Vulnerabilities

Source: CCN
Type: OSVDB ID: 57455
Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS

Source: BID
Type: Third Party Advisory, VDB Entry
36152

Source: CCN
Type: BID-36152
Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1022775

Source: XF
Type: UNKNOWN
cucm-sccp-dos(52816)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version >= 5.0 and < 5.1(3g))
  • OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version >= 6.1(1) and < 6.1(4))
  • OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version >= 7.0 and < 7.0(2a)su1)
  • OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version >= 7.1 and < 7.1(2))

  • Configuration CCN 1:
  • cpe:/a:cisco:unified_communications_manager:5.1(2b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0(1a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:3.3(5):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(1a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:3.3(5)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:3.3(5)sr2a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1(3)sr4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(2)su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(2a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3d):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3a):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1(3c):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1(3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3(1)sr.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3(2)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:(2b):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:::business:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2(3)sr3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2(3)sr2b:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2(3)sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2(3)sr4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2.3_sr3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_3_sr3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_3_sr2b:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_3sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_4:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_3a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_3:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.2_3_sr2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:4.3_1_sr1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1:(2a):*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_4a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.0_4a_su1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0_1a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.0_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1_3a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1_2b:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1_2a:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1_2:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:5.1_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:7.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:6.1_1a:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    cisco unified communications manager *
    cisco unified communications manager *
    cisco unified communications manager *
    cisco unified communications manager *
    cisco unified communications manager 5.1(2b)
    cisco unified communications manager 6.0(1a)
    cisco unified communications manager 5.0
    cisco unified communications manager 3.3(5)
    cisco unified communications manager 4.1(3)
    cisco unified communications manager 4.2
    cisco unified communications manager 4.2.1
    cisco unified communications manager 4.2.2
    cisco unified communications manager 4.2.3
    cisco unified communications manager 4.2.3sr1
    cisco unified communications manager 4.2.3sr2
    cisco unified communications manager 4.2.3sr2b
    cisco unified communications manager 4.3
    cisco unified communications manager 4.3(1)
    cisco unified communications manager 5.1
    cisco unified communications manager 5.1(1)
    cisco unified communications manager 5.1(2)
    cisco unified communications manager 6.0
    cisco unified communications manager 6.1(1a)
    cisco unified communications manager 4.1
    cisco unified communications manager 6.1
    cisco unified communications manager 6.1(1)
    cisco unified communications manager 3.3(5)sr1
    cisco unified communications manager 3.3(5)sr2a
    cisco unified communications manager 4.1(3)sr1
    cisco unified communications manager 4.1(3)sr2
    cisco unified communications manager 4.1(3)sr3
    cisco unified communications manager 4.1(3)sr4
    cisco unified communications manager 6.0(1)
    cisco unified communications manager 6.1(2)su1
    cisco unified communications manager 6.1(2)
    cisco unified communications manager 5.1(2a)
    cisco unified communications manager 5.1(3d)
    cisco unified communications manager 5.1(3)
    cisco unified communications manager 5.1(3a)
    cisco unified communications manager 5.1(3c)
    cisco unified communications manager 7.0
    cisco unified communications manager 6.1(3)
    cisco unified communications manager 4.3(1)sr.1
    cisco unified communications manager 4.3(2)
    cisco unified communications manager 4.3(2)sr1
    cisco unified communications manager 4.1.1
    cisco unified communications manager 4.1.2
    cisco unified communications manager 4.1.3
    cisco unified communications manager (2)
    cisco unified communications manager (1)
    cisco unified communications manager (2b)
    cisco unified communications manager
    cisco unified communications manager 4.2(3)sr3
    cisco unified communications manager 4.2(3)sr2b
    cisco unified communications manager 4.2(3)sr1
    cisco unified communications manager 4.2(3)sr4
    cisco unified communications manager 4.2_2
    cisco unified communications manager 4.2_3
    cisco unified communications manager 4.2.3_sr3
    cisco unified communications manager 4.2_1
    cisco unified communications manager 4.2_3_sr3
    cisco unified communications manager 4.2_3_sr2b
    cisco unified communications manager 4.2_3sr1
    cisco unified communications manager 5.0_1
    cisco unified communications manager 5.0_2
    cisco unified communications manager 4.3_1
    cisco unified communications manager 4.3.1
    cisco unified communications manager 4.3.2
    cisco unified communications manager 5.0_4
    cisco unified communications manager 5.0_3a
    cisco unified communications manager 5.0_3
    cisco unified communications manager 4.2_3_sr2
    cisco unified communications manager 4.3_1_sr1
    cisco unified communications manager 5.1 (2a)
    cisco unified communications manager 5.1.2
    cisco unified communications manager 5.0_4a
    cisco unified communications manager 5.0_4a_su1
    cisco unified communications manager 6.0_1a
    cisco unified communications manager 6.0_1
    cisco unified communications manager 5.1_3a
    cisco unified communications manager 5.1_2b
    cisco unified communications manager 5.1_2a
    cisco unified communications manager 5.1_2
    cisco unified communications manager 5.1_1
    cisco unified communications manager 6.1.0
    cisco unified communications manager 7.0(1)
    cisco unified communications manager 6.1_1a