CVE-2007-1833

high

Description

The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/33295

http://www.vupen.com/english/advisories/2007/1144

http://www.securityfocus.com/bid/23181

http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml

http://securitytracker.com/id?1017826

http://secunia.com/advisories/24665

Details

Source: Mitre, NVD

Published: 2007-04-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.02554