CVE DATABASE / CVE-2009-2054
CVE-2009-2054
CVSS 7.8 · HIGH
Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.
CVSS 2.0 breakdown
| Base score | 7.8 (HIGH) |
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Confidentiality | NONE |
| Integrity | NONE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Cisco unified communications manager
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://osvdb.org/57456
- http://secunia.com/advisories/36498
- http://secunia.com/advisories/36499
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml
- http://www.securityfocus.com/bid/36152
- http://www.securitytracker.com/id?1022775
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.