PT-2015-4758 · Cisco · Cisco Unity Connection
Publicado
2015-04-03
·
Atualizado
2015-09-29
·
CVE-2015-0614
CVSS v2.0
7.1
Alta
| Vetor | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Unity Connection versions 8.5 through 8.5(1)SU6
Cisco Unity Connection versions 8.6 through 8.6(2a)SU3
Cisco Unity Connection versions 9.x through 9.1(2)SU1
Cisco Unity Connection versions 10.0 through 10.0(1)SU0
Description
The issue allows remote attackers to cause a denial of service via crafted SIP INVITE messages when SIP trunk integration is enabled. This results in a core dump and restart of the Connection Conversation Manager process.
Recommendations
For Cisco Unity Connection versions 8.5 through 8.5(1)SU6, update to version 8.5(1)SU7 or later.
For Cisco Unity Connection versions 8.6 through 8.6(2a)SU3, update to version 8.6(2a)SU4 or later.
For Cisco Unity Connection versions 9.x through 9.1(2)SU1, update to version 9.1(2)SU2 or later.
For Cisco Unity Connection versions 10.0 through 10.0(1)SU0, update to version 10.0(1)SU1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Unity Connection