CVE-2018-15396

Name of the Vulnerable Software and Affected Versions Cisco Unity Connection (affected versions not specified)

Description A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. This issue arises because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker with valid administrator credentials could exploit this by sending a crafted, remote connection request. A successful exploit could allow the attacker to write a file that consumes most of the available disk space, causing application functions to operate abnormally and leading to a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.