CVE-2008-3800 - Vulnerability Details

Vendors	Products
Cisco	Ios Unified Callmanager Unified Communications Manager

Link	Providers
http://secunia.com/advisories/31990
http://secunia.com/advisories/32013
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml
http://www.securityfocus.com/bid/31367
http://www.securitytracker.com/id?1020939
http://www.securitytracker.com/id?1020942
http://www.vupen.com/english/advisories/2008/2670
http://www.vupen.com/english/advisories/2008/2671
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-09-24T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "31990", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31990"}, {"name": "31367", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31367"}, {"name": "oval:org.mitre.oval:def:6086", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"}, {"name": "32013", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32013"}, {"name": "ADV-2008-2670", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2670"}, {"name": "ADV-2008-2671", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2671"}, {"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"}, {"name": "1020942", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020942"}, {"name": "1020939", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020939"}, {"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2008-3800", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "31990", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31990"}, {"name": "31367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31367"}, {"name": "oval:org.mitre.oval:def:6086", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"}, {"name": "32013", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32013"}, {"name": "ADV-2008-2670", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2670"}, {"name": "ADV-2008-2671", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2671"}, {"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"}, {"name": "1020942", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020942"}, {"name": "1020939", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020939"}, {"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:53:00.234Z"}, "title": "CVE Program Container", "references": [{"name": "31990", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31990"}, {"name": "31367", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31367"}, {"name": "oval:org.mitre.oval:def:6086", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"}, {"name": "32013", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32013"}, {"name": "ADV-2008-2670", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2670"}, {"name": "ADV-2008-2671", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2671"}, {"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"}, {"name": "1020942", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020942"}, {"name": "1020939", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020939"}, {"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2008-3800", "datePublished": "2008-09-26T16:00:00", "dateReserved": "2008-08-27T00:00:00", "dateUpdated": "2024-08-07T09:53:00.234Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2008-09-24T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-09-28T12:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 31990 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/31990 (string)

}

1 : { »

name : 31367 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/31367 (string)

}

2 : { »

name : oval:org.mitre.oval:def:6086 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 (string)

}

3 : { »

name : 32013 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/32013 (string)

}

4 : { »

name : ADV-2008-2670 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2008/2670 (string)

}

5 : { »

name : ADV-2008-2671 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2008/2671 (string)

}

6 : { »

name : 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml (string)

}

7 : { »

name : 1020942 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1020942 (string)

}

8 : { »

name : 1020939 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id?1020939 (string)

}

9 : { »

name : 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2008-3800 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 31990 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/31990 (string)

}

1 : { »

name : 31367 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/31367 (string)

}

2 : { »

name : oval:org.mitre.oval:def:6086 (string)

refsource : OVAL (string)

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 (string)

}

3 : { »

name : 32013 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/32013 (string)

}

4 : { »

name : ADV-2008-2670 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2008/2670 (string)

}

5 : { »

name : ADV-2008-2671 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2008/2671 (string)

}

6 : { »

name : 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities (string)

refsource : CISCO (string)

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml (string)

}

7 : { »

name : 1020942 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1020942 (string)

}

8 : { »

name : 1020939 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id?1020939 (string)

}

9 : { »

name : 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (string)

refsource : CISCO (string)

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T09:53:00.234Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 31990 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/31990 (string)

}

1 : { »

name : 31367 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/31367 (string)

}

2 : { »

name : oval:org.mitre.oval:def:6086 (string)

tags : [ »

0 : vdb-entry (string)

1 : signature (string)

2 : x_refsource_OVAL (string)

3 : x_transferred (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 (string)

}

3 : { »

name : 32013 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/32013 (string)

}

4 : { »

name : ADV-2008-2670 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2008/2670 (string)

}

5 : { »

name : ADV-2008-2671 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2008/2671 (string)

}

6 : { »

name : 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml (string)

}

7 : { »

name : 1020942 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1020942 (string)

}

8 : { »

name : 1020939 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id?1020939 (string)

}

9 : { »

name : 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2008-3800 (string)

datePublished : 2008-09-26T16:00:00 (string)

dateReserved : 2008-08-27T00:00:00 (string)

dateUpdated : 2024-08-07T09:53:00.234Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A5E0999-9FB7-4255-A8CF-5D74E70FD56A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "50BA656D-4103-4BE7-9C8A-BDC9580B7E4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E29A61E-334B-4F95-9B47-8F53A4DB3EB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*", "matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."}, {"lang": "es", "value": "Vulnerabilidad no especificada en la implementaci\u00f3n de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP est\u00e1 configurada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de proceso o de dispositivo) a trav\u00e9s de mensajes SIP v\u00e1lidos no especificados, tambi\u00e9n conocidos como \"Cisco Bug ID CSCsu38644\". Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802."}], "id": "CVE-2008-3800", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-09-26T16:21:44.067", "references": [{"source": "psirt@cisco.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31990"}, {"source": "psirt@cisco.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/32013"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"}, {"source": "psirt@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/31367"}, {"source": "psirt@cisco.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020939"}, {"source": "psirt@cisco.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020942"}, {"source": "psirt@cisco.com", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/2670"}, {"source": "psirt@cisco.com", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/2671"}, {"source": "psirt@cisco.com", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/31990"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/32013"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/31367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020939"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1020942"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/2670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required"], "url": "http://www.vupen.com/english/advisories/2008/2671"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : AC772518-51CC-4692-BEB2-2C9C2A215F44 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 9A5E0999-9FB7-4255-A8CF-5D74E70FD56A (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 50BA656D-4103-4BE7-9C8A-BDC9580B7E4C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1E29A61E-334B-4F95-9B47-8F53A4DB3EB0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:* (string)

matchCriteriaId : B2AF68FA-433F-46F2-B309-B60A108BECFA (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 640BFEE2-B364-411E-B641-7471B88ED7CC (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 6BC6EF34-D23D-45CA-A907-A47993CC061E (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:* (string)

matchCriteriaId : E4BC49F2-3DCB-45F0-9030-13F6415EE178 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 0668C45B-9D25-424B-B876-C1721BFFE5DA (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D4D8C72-E7BB-40BF-9AE5-622794D63E09 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP está configurada, permite a atacantes remotos provocar una denegación de servicio (reinicio de proceso o de dispositivo) a través de mensajes SIP válidos no especificados, también conocidos como "Cisco Bug ID CSCsu38644". Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802. (string)

}

]

id : CVE-2008-3800 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.1 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2008-09-26T16:21:44.067 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/31990 (string)

}

1 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/32013 (string)

}

2 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml (string)

}

3 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml (string)

}

4 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/31367 (string)

}

5 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1020939 (string)

}

6 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1020942 (string)

}

7 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Permissions Required (string)

]

url : http://www.vupen.com/english/advisories/2008/2670 (string)

}

8 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Permissions Required (string)

]

url : http://www.vupen.com/english/advisories/2008/2671 (string)

}

9 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Broken Link (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/31990 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/32013 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/31367 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1020939 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Third Party Advisory (string)

2 : VDB Entry (string)

]

url : http://www.securitytracker.com/id?1020942 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Permissions Required (string)

]

url : http://www.vupen.com/english/advisories/2008/2670 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Permissions Required (string)

]

url : http://www.vupen.com/english/advisories/2008/2671 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object