CVE-2008-3801

CWE-3994 documents4 sources
Severity
7.1HIGH
EPSS
1.9%
top 16.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cisco IOSCisco Unified CallmanagerCisco Unified Communications Manager
Timeline
PublishedSep 26
Latest updateMay 2

Description

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages3 packages

NVDcisco/unified_callmanager4.1, 4.2, 4.3+2
NVDcisco/ios12.2, 12.3, 12.4+2

🔴Vulnerability Details

2
GHSA
GHSA-9gcq-w2xv-xvf8: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 122022-05-02
CVEList
CVE-2008-3801: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 122008-09-26

📋Vendor Advisories

1
Cisco
Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities2008-09-24
CVE-2008-3801 (HIGH CVSS 7.1) | Unspecified vulnerability in the Se | cvebase.io