CVE: CVE-2009-2054

Export to Word

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689.

Threat-Mapped Scoring

Score: 1.5

Priority: P4 - Informational (Low)

S10 – Denial of Service

EPSS

Score: 0.02618
Percentile: 0.85042

CVSS Scoring

CVSS v2 Score: 7.8

Severity:

Mapped CWE(s)

CWE-770 : Allocation of Resources Without Limits or Throttling

All CAPEC(s)

CAPEC-125: Flooding
CAPEC-130: Excessive Allocation
CAPEC-147: XML Ping of the Death
CAPEC-197: Exponential Data Expansion
CAPEC-229: Serialized Data Parameter Blowup
CAPEC-230: Serialized Data with Nested Payloads
CAPEC-231: Oversized Serialized Data Payloads
CAPEC-469: HTTP DoS
CAPEC-482: TCP Flood
CAPEC-486: UDP Flood
CAPEC-487: ICMP Flood
CAPEC-488: HTTP Flood
CAPEC-489: SSL Flood
CAPEC-490: Amplification
CAPEC-491: Quadratic Data Expansion
CAPEC-493: SOAP Array Blowup
CAPEC-494: TCP Fragmentation
CAPEC-495: UDP Fragmentation
CAPEC-496: ICMP Fragmentation
CAPEC-528: XML Flood

CAPEC(s) with Mapped TTPs

CAPEC-125: Flooding
Mapped TTPs:
- T1498.001 : Direct Network Flood
- T1499 : Endpoint Denial of Service
CAPEC-130: Excessive Allocation
Mapped TTPs:
- T1499.003 : Application Exhaustion Flood
CAPEC-469: HTTP DoS
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-482: TCP Flood
Mapped TTPs:
- T1498.001 : Direct Network Flood
- T1499.001 : OS Exhaustion Flood
- T1499.002 : Service Exhaustion Flood
CAPEC-488: HTTP Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-489: SSL Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
CAPEC-490: Amplification
Mapped TTPs:
- T1498.002 : Reflection Amplification
CAPEC-528: XML Flood
Mapped TTPs:
- T1499.002 : Service Exhaustion Flood
- T1498.001 : Direct Network Flood

Mapped ATT&CK TTPs

T1498.001 : Direct Network Flood
Kill Chain: impact
T1499 : Endpoint Denial of Service
Kill Chain: impact
T1499.003 : Application Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.001 : Direct Network Flood
Kill Chain: impact
T1499.001 : OS Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.002 : Reflection Amplification
Kill Chain: impact
T1499.002 : Service Exhaustion Flood
Kill Chain: impact
T1498.001 : Direct Network Flood
Kill Chain: impact

Malware

APTs Threat Group Associations

Sandworm Team

Campaigns

Affected Products

cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*

← Back to Home