CVE-2011-2560
Last modified
CVE-2011-2560 is a vulnerability of currently unknown severity. The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.. EPSS estimates a 1.81% chance of exploitation in the next 30 days.
Description
The Packet Capture Service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service (memory consumption and restart) by making many connections, aka Bug ID CSCtf97162.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Communications Manager | 4.1\(3\) |
| Cisco | Unified Communications Manager | 4.1\(3\)sr1 |
| Cisco | Unified Communications Manager | 4.1\(3\)sr2 |
| Cisco | Unified Communications Manager | 4.1\(3\)sr3 |
| Cisco | Unified Communications Manager | 4.1\(3\)sr4 |
| Cisco | Unified Communications Manager | 4.2 |
| Cisco | Unified Communications Manager | 4.2.1 |
| Cisco | Unified Communications Manager | 4.2.2 |
| Cisco | Unified Communications Manager | 4.2.3 |
| Cisco | Unified Communications Manager | 4.2.3sr1 |
| Cisco | Unified Communications Manager | 4.2.3sr2 |
| Cisco | Unified Communications Manager | 4.2.3sr2b |
| Cisco | Unified Communications Manager | 4.3 |
| Cisco | Unified Communications Manager | 4.3\(1\) |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-2560?
How severe is CVE-2011-2560?
How do I fix CVE-2011-2560?
Are you affected by CVE-2011-2560?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST