CVE-2008-1748

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 4.1 before 4.1(3)SR7 Cisco Unified Communications Manager versions 4.2 before 4.2(3)SR4 Cisco Unified Communications Manager versions 4.3 before 4.3(2) Cisco Unified Communications Manager versions 5.x before 5.1(3) Cisco Unified Communications Manager versions 6.x before 6.1(1)

Description The issue is related to the improper validation of SIP URLs, which can be exploited by remote attackers to cause a denial of service via a SIP INVITE message.

Recommendations For versions 4.1 before 4.1(3)SR7, update to 4.1(3)SR7 or later. For versions 4.2 before 4.2(3)SR4, update to 4.2(3)SR4 or later. For versions 4.3 before 4.3(2), update to 4.3(2) or later. For versions 5.x before 5.1(3), update to 5.1(3) or later. For versions 6.x before 6.1(1), update to 6.1(1) or later.