CVE-2011-4486 — Cisco Business Edition 3000 Software vulnerability

CWE-3994 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.4%

top 37.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Business Edition 3000 Software Cisco Business Edition 5000 Software Cisco Business Edition 6000 Software +1 more

Timeline

PublishedMar 1

Latest updateMay 17

Description

Cisco Unified Communications Manager (CUCM) with software 6.x and 7.x before 7.1(5b)su5, 8.0 before 8.0(3a)su3, and 8.5 and 8.6 before 8.6(2a)su1 and Cisco Business Edition 3000 with software before 8.6.3 and 5000 and 6000 with software before 8.6(2a)su1 allow remote attackers to cause a denial of service (device reload) via a crafted SCCP registration, aka Bug ID CSCtu73538.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages4 packages

▶NVDcisco/business_edition_3000_software4 versions+3

▶NVDcisco/business_edition_5000_software7 versions+6

▶NVDcisco/business_edition_6000_software9 versions+8

▶NVDcisco/unified_communications_manager70 versions+69

🔴Vulnerability Details

GHSA

GHSA-7gpg-mpjm-jm5f: Cisco Unified Communications Manager (CUCM) with software 6↗2022-05-17

▶

CVEList

CVE-2011-4486: Cisco Unified Communications Manager (CUCM) with software 6↗2012-03-01

▶

📋Vendor Advisories

Cisco

Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities↗2012-03-01

▶