In an advisory released Wednesday, the networking giant said CallManager versions 3.3, 4.1, 4.2 and 5.0, in addition to Presence Server version 1.0, are affected by the flaws.
The most severe of the five vulnerabilities was rated 4.7 out of 10 by Cisco’s vulnerability scoring system.
Cisco said in its advisory that attacks on the flaws could result in the failure of Unified CallManager and Unified Presence Server, resulting in DoS attacks. There is no workaround for the issue, according to Cisco.
Secunia ranked the flaws as "moderately critical" today, meaning that the flaws are typically used for DoS attacks.
Cisco patches VoIP flaws
By Frank Washkuch on Mar 30, 2007 10:10AM