Lucene search

CiscoCVE-2014-0664

HistoryJan 10, 2014 - 4:47 p.m.

CVE-2014-0664

2014-01-1016:47:06

CWE-399

cisco

web.nvd.nist.gov

cisco

unity connection

server

denial of service

cpu consumption

imap

bug id

cscul49976

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.

Affected configurations

Nvd

Node

ciscounity_connectionMatch-

VendorProductVersionCPE
ciscounity_connection-cpe:2.3:a:cisco:unity_connection:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unity_connection	-	cpe:2.3:a:cisco:unity_connection:-:::::::*

References

osvdb.org/101915

secunia.com/advisories/56370

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0664

www.securityfocus.com/bid/64772

www.securitytracker.com/id/1029593

exchange.xforce.ibmcloud.com/vulnerabilities/90234

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

Low

EPSS

0.006

Percentile

78.0%

JSON

Related for CVE-2014-0664