CVE-2011-2561

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 7.x through 7.1(5b)su3 Cisco Unified Communications Manager versions 8.x through 8.0(0)

Description The issue is related to the SIP process in Cisco Unified Communications Manager, which does not properly handle SDP data within a SIP call when using the g729ar8 codec for a Media Termination Point (MTP). This allows remote attackers to cause a denial of service via a crafted call.

Recommendations For Cisco Unified Communications Manager versions 7.x through 7.1(5b)su3, update to version 7.1(5b)su4 or later. For Cisco Unified Communications Manager versions 8.x through 8.0(0), update to version 8.0(1) or later.