CVE-2015-0613

Name of the Vulnerable Software and Affected Versions Cisco Unity Connection versions 8.5 before 8.5(1)SU7 Cisco Unity Connection versions 8.6 before 8.6(2a)SU4 Cisco Unity Connection versions 9.x before 9.1(2)SU2 Cisco Unity Connection versions 10.0 before 10.0(1)SU1

Description The issue allows remote attackers to cause a denial of service, resulting in a core dump and restart of the Connection Conversation Manager process, via crafted SIP INVITE messages when SIP trunk integration is enabled.

Recommendations For Cisco Unity Connection version 8.5, update to 8.5(1)SU7 or later. For Cisco Unity Connection version 8.6, update to 8.6(2a)SU4 or later. For Cisco Unity Connection version 9.x, update to 9.1(2)SU2 or later. For Cisco Unity Connection version 10.0, update to 10.0(1)SU1 or later.