CVE-2007-1834

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

1.3%

top 20.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Callmanager Cisco Unified Presence Server

Timeline

PublishedApr 3

Latest updateMay 1

Description

Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/unified_presence_server1.0, 1.0\(1\), 1.0\(2\)+2

▶NVDcisco/unified_callmanager6 versions+5

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-wx8m-8vvg-mg6w: Cisco Unified CallManager (CUCM) 5↗2022-05-01

▶

CVEList

CVE-2007-1834: Cisco Unified CallManager (CUCM) 5↗2007-04-03

▶

📋Vendor Advisories

Cisco

Cisco Unified CallManager and Unified Presence Server ICMP Echo Request Handling Denial of Service Vulnerability↗2007-03-28

▶