VDB
CVE-2008-3800
CVE-2008-3800
PUBLISHED
CVSS 7.099999904632568 HIGH
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
EPSS 1.93% · 83.8th percentile
Risk Scores
CVSS 2.0
7.099999904632568
EPSS Score
1.93%
83.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| cisco | ios | 12.2, 12.3, 12.4 |
| cisco | unified_callmanager | 4.3, 4.2, 4.1 |
| cisco | unified_communications_manager | 5.1, 4.1, 5.0 |
Exploit Intelligence
- 31990 (circl)
- 31367 (circl)
- oval:org.mitre.oval:def:6086 (circl)
- 32013 (circl)
- ADV-2008-2670 (circl)
- ADV-2008-2671 (circl)
- 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities (circl)
- 1020942 (circl)
- 1020939 (circl)
- 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities (circl)
…and 4 more exploits
Timeline
- Sep 24, 2008 CVE Published
- Sep 24, 2008 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 31990 third-party-advisory
- 31367 vdb
- oval:org.mitre.oval:def:6086 vdb
- 32013 third-party-advisory
- ADV-2008-2670 vdb
- ADV-2008-2671 vdb
- 20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities vendor-advisory
- 1020942 vdb
- 1020939 vdb
- 20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-3800 advisory