Cisco Unity Connection Exhaustion Denial of Service Vulnerability

Cisco Unity contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

This vulnerability exists due to improper handling of network messages. An unauthenticated, remote attacker to exploit this vulnerability to render the Cisco Unity server unavailable, which may deny legitimate users access to the affected system.

Cisco confirmed this vulnerability, but updated software is not available.

Attackers may require access to trusted, internal networks to connect to an affected system. An exploit could prevent the establishment of further connections with the affected system. This denial of service condition could prevent users from accessing the Cisco Unity server.