CVE-2011-2561

high

Cisco

CVSS v3 Base Score

7.1

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS Score

0.4%

Exploitation probability in 30 days

Top 39% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Confidentiality

None

Integrity

None

Availability

Published: August 29, 2011 (5371 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The SIP process in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(5b)su4 and 8.x before 8.0(1) does not properly handle SDP data within a SIP call in certain situations related to use of the g729ar8 codec for a Media Termination Point (MTP), which allows remote attackers to cause a denial of service (service outage) via a crafted call, aka Bug ID CSCtc61990.

CWE

CWE-399

Affected Products

cisco unified communications manager

References

🔗 www.cisco.com 🔗 www.cisco.com

CVE-2011-2561

Vulnerability Report

Description

CWE

Affected Products

References