CVE-2010-1570

EUVD-2010-1597
The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
Affected Products (NVD)
VendorProductVersion
ciscounified_contact_center_express
5.0
ciscounified_contact_center_express
6.0
ciscounified_contact_center_express
7.0
ciscocustomer_response_solution
5.0
ciscocustomer_response_solution
6.0
ciscocustomer_response_solution
7.0
ciscounified_ip_interactive_voice_response
5.0
ciscounified_ip_interactive_voice_response
6.0
ciscounified_ip_interactive_voice_response
7.0
𝑥
= Vulnerable software versions
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml
http://www.securityfocus.com/bid/40684
http://www.securitytracker.com/id?1024081
https://exchange.xforce.ibmcloud.com/vulnerabilities/59276
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml
http://www.securityfocus.com/bid/40684
http://www.securitytracker.com/id?1024081
https://exchange.xforce.ibmcloud.com/vulnerabilities/59276