CVE-2007-1833

The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/23181
http://securitytracker.com/id?1017826	Patch
http://secunia.com/advisories/24665	Patch Vendor Advisory
http://www.vupen.com/english/advisories/2007/1144
https://exchange.xforce.ibmcloud.com/vulnerabilities/33295

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:unified_callmanager:3.3\(2\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(2\)spb:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(5\)sr1:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(5\)sr1a:::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.2:::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(4\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(4\)sr1a:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(5\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr2:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(3\)sr1:::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(2\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr1:::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1\(2\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(3\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(3a\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1:::::::*
	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr3:::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(2\)spc:::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(1\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(3\)sr4:::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(4\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:3.3\(3\):::::::*

Information

Published : 2007-04-02 17:19

Updated : 2017-07-28 18:31

NVD link : CVE-2007-1833

Mitre link : CVE-2007-1833

JSON object : View

CWE

NVD-CWE-Other

Products Affected

cisco

unified_callmanager

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml", "name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities", "tags": ["Patch", "Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/23181", "name": "23181", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1017826", "name": "1017826", "tags": ["Patch"], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/24665", "name": "24665", "tags": ["Patch", "Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2007/1144", "name": "ADV-2007-1144", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295", "name": "cisco-callmanager-sccp-dos(33295)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-1833", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-04-03T00:19Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\)spb:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\)sr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\)sr1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(4\\)sr1a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\)sr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\)spc:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\)sr4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-29T01:31Z"}

5.0 /10