CVE-2010-1570 — Cisco Customer Response Solution vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.7%

top 27.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Customer Response Solution Cisco Unified Contact Center Express Cisco Unified IP Interactive Voice Response

Timeline

PublishedJun 10

Latest updateMay 17

Description

The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDcisco/unified_contact_center_express5.0, 6.0, 7.0+2

▶NVDcisco/unified_ip_interactive_voice_response5.0, 6.0, 7.0+2

▶NVDcisco/customer_response_solution5.0, 6.0, 7.0+2

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-cjjr-c6mv-9759: The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7↗2022-05-17

▶

CVEList

CVE-2010-1570: The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7↗2010-06-10

▶