CVE-2010-2838

high

Cisco

CVSS v3 Base Score

7.8

AV:N/AC:L/Au:N/C:N/I:N/A:C

EPSS Score

0.4%

Exploitation probability in 30 days

Top 38% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

None

Availability

Published: August 26, 2010 (5739 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305.

CWE

NVD-CWE-Other

Affected Products

cisco unified communications manager

References

🔗 www.cisco.com 🔗 www.vupen.com 🔗 www.cisco.com 🔗 www.vupen.com

CVE-2010-2838

Vulnerability Report

Description

CWE

Affected Products

References