CVE-2006-5553

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

1.2%

top 21.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Security Agent Cisco Unified Callmanager Cisco Unified Presence Server

Timeline

PublishedOct 26

Latest updateMay 1

Description

Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDcisco/unified_presence_server1.0, 1.0\(2\)+1

▶NVDcisco/unified_callmanager5 versions+4

▶NVDcisco/security_agent4 versions+3

Patches

Patch: www.cisco.com ↗Patch: www.securityfocus.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-m8qx-h53w-5fh9: Cisco Security Agent (CSA) for Linux 4↗2022-05-01

▶

CVEList

CVE-2006-5553: Cisco Security Agent (CSA) for Linux 4↗2006-10-26

▶

📋Vendor Advisories

Cisco

Cisco Security Agent for Linux Port Scan Denial of Service↗2006-10-25

▶