CVE-2009-2054

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 4.x through 7.1 before 7.1(2a)su1, specifically: Cisco Unified Communications Manager versions 4.x Cisco Unified Communications Manager versions 5.x before 5.1(3g) Cisco Unified Communications Manager versions 6.x before 6.1(4) Cisco Unified Communications Manager version 7.0 before 7.0(2a)su1 Cisco Unified Communications Manager version 7.1 before 7.1(2a)su1

Description The issue allows remote attackers to cause a denial of service, resulting in file-descriptor exhaustion and SIP outage, via a flood of TCP packets.

Recommendations For Cisco Unified Communications Manager version 4.x, update to a version outside of the affected range. For Cisco Unified Communications Manager version 5.x, update to version 5.1(3g) or later. For Cisco Unified Communications Manager version 6.x, update to version 6.1(4) or later. For Cisco Unified Communications Manager version 7.0, update to version 7.0(2a)su1 or later. For Cisco Unified Communications Manager version 7.1, update to version 7.1(2a)su1 or later.