CVE-2010-1570
First published: Thu Jun 10 2010(Updated: )
The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.
Credit: ykramarz@cisco.com psirt@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Contact Center Express Enhanced | =5.0 | |
| Cisco Unified Contact Center Express Enhanced | =6.0 | |
| Cisco Unified Contact Center Express Enhanced | =7.0 | |
| Cisco Customer Response Solution | =5.0 | |
| Cisco Customer Response Solution | =6.0 | |
| Cisco Customer Response Solution | =7.0 | |
| Cisco Unified IP Interactive Voice Response | =5.0 | |
| Cisco Unified IP Interactive Voice Response | =6.0 | |
| Cisco Unified IP Interactive Voice Response | =7.0 | |
| Cisco IP Interactive Voice Response | =5.0 | |
| Cisco IP Interactive Voice Response | =6.0 | |
| Cisco IP Interactive Voice Response | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-1570?
CVE-2010-1570 is classified as a denial of service vulnerability affecting multiple Cisco Unified Contact Center Express and Customer Response Solution versions.
How do I fix CVE-2010-1570?
To fix CVE-2010-1570, upgrade to the appropriate patched version of Cisco Unified Contact Center Express or Customer Response Solution as specified in the vendor's advisory.
What systems are affected by CVE-2010-1570?
CVE-2010-1570 affects Cisco Unified Contact Center Express versions 5.0, 6.0, and 7.0, as well as Cisco Customer Response Solution and Cisco IP Interactive Voice Response of similar versions.
What types of attacks does CVE-2010-1570 enable?
CVE-2010-1570 allows remote attackers to launch denial of service attacks affecting the CTI server and Node Manager.
When was CVE-2010-1570 reported?
CVE-2010-1570 was reported on May 10, 2010.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/remedy
- agent/description
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/source
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/cisco
- canonical/cisco unified contact center express enhanced
- version/cisco unified contact center express enhanced/5.0
- version/cisco unified contact center express enhanced/6.0
- version/cisco unified contact center express enhanced/7.0
- canonical/cisco customer response solution
- version/cisco customer response solution/5.0
- version/cisco customer response solution/6.0
- version/cisco customer response solution/7.0
- canonical/cisco unified ip interactive voice response
- version/cisco unified ip interactive voice response/5.0
- version/cisco unified ip interactive voice response/6.0
- version/cisco unified ip interactive voice response/7.0
- canonical/cisco ip interactive voice response
- version/cisco ip interactive voice response/5.0
- version/cisco ip interactive voice response/6.0
- version/cisco ip interactive voice response/7.0