Executive Summary

Informations
Name CVE-2009-2054 First vendor Publication 2009-08-27
Vendor Cve Last vendor Modification 2024-02-15

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2054

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-2 Inducing Account Lockout
CAPEC-82 Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99 XML Parser Attack
CAPEC-119 Resource Depletion
CAPEC-121 Locate and Exploit Test APIs
CAPEC-125 Resource Depletion through Flooding
CAPEC-130 Resource Depletion through Allocation
CAPEC-147 XML Ping of Death
CAPEC-197 XEE (XML Entity Expansion)
CAPEC-227 Denial of Service through Resource Depletion
CAPEC-228 Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229 XML Attribute Blowup

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-770 Allocation of Resources Without Limits or Throttling

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 150

Open Source Vulnerability Database (OSVDB)

Id Description
57456 Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote...

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/36152
CISCO http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d1...
OSVDB http://osvdb.org/57456
SECTRACK http://www.securitytracker.com/id?1022775
SECUNIA http://secunia.com/advisories/36498
http://secunia.com/advisories/36499

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2024-02-16 05:28:16
  • Multiple Updates
2021-05-04 12:09:42
  • Multiple Updates
2021-04-22 01:10:03
  • Multiple Updates
2020-05-23 00:23:55
  • Multiple Updates
2016-06-28 17:43:52
  • Multiple Updates
2016-04-26 18:53:54
  • Multiple Updates
2013-05-10 23:52:21
  • Multiple Updates