Lucene search

CiscoCISCO-SA-20150401-CUC

HistoryApr 01, 2015 - 4:00 p.m.

Multiple Vulnerabilities in Cisco Unity Connection

2015-04-0116:00:00

tools.cisco.com

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

56.0%

JSON

Cisco Unity Connection contains multiple vulnerabilities, when it is configured with Session Initiation Protocol (SIP) trunk integration. The vulnerabilities described in this advisory are denial of service vulnerabilities impacting the availability of Cisco Unity Connection for processing SIP messages.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc”]

Affected configurations

Vulners

Node

ciscounity_connectionMatchany

VendorProductVersionCPE
ciscounity_connectionanycpe:2.3:a:cisco:unity_connection:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity_connection	any	cpe:2.3:a:cisco:unity_connection:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.002

Percentile

56.0%

JSON

Related for CISCO-SA-20150401-CUC