CVE-2005-2241

5 documents5 sources
Severity
5.0MEDIUM
EPSS
0.7%
top 29.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Call Manager
Timeline
PublishedJul 12
Latest updateMay 1

Description

Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

โ–ถNVDcisco/call_manager4 versions+3

Patches

Patch: www.cisco.com โ†—Patch: www.cisco.com โ†—

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-p2fc-grwr-w3x3: Cisco CallManager (CCM) 3โ†—2022-05-01
โ–ถ
CVEList
CVE-2005-2241: Cisco CallManager (CCM) 3โ†—2005-07-12
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Exploit-DB
RaidenFTPd 2.4 - Unauthorized File Accessโ†—2005-04-21
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Cisco CallManager Memory Handling Vulnerabilitiesโ†—2005-07-12
โ–ถ
CVE-2005-2241 (MEDIUM CVSS 5) | Cisco CallManager (CCM) 3.2 and ear | cvebase.io