VYPR
Unrated severityNVD Advisory· Published Aug 27, 2009· Updated Jun 16, 2026

CVE-2009-2051

CVE-2009-2051

Description

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*range: >=5.0,<5.1\(3g\)
    • (no CPE)range: 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2)
  • cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*range: >=12.2,<=12.4
    • (no CPE)range: 12.2 through 12.4 and 15.0 through 15.1
  • cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*range: >=2.5.0,<=2.6.1
    • (no CPE)range: 2.5.x and 2.6.x before 2.6.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.