CVE-2010-2834Cisco IOS vulnerability

CWE-3995 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.4%
top 41.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Cisco IOSCisco IOS XECisco Unified Communications Manager
Timeline
PublishedSep 23
Latest updateMay 17

Description

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

NVDcisco/ios191 versions+190
NVDcisco/ios_xe4 versions+3

Patches

Patch: www.cisco.comPatch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-qghc-w7jx-4fqg: Cisco IOS 122022-05-17
CVEList
CVE-2010-2834: Cisco IOS 122010-09-23

📋Vendor Advisories

2
Cisco
Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities2010-09-22
Cisco
Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities2010-09-22
CVE-2010-2834 — Cisco IOS vulnerability | cvebase