CVE-2015-0614

Name of the Vulnerable Software and Affected Versions Cisco Unity Connection versions 8.5 through 8.5(1)SU6 Cisco Unity Connection versions 8.6 through 8.6(2a)SU3 Cisco Unity Connection versions 9.x through 9.1(2)SU1 Cisco Unity Connection versions 10.0 through 10.0(1)SU0

Description The issue allows remote attackers to cause a denial of service via crafted SIP INVITE messages when SIP trunk integration is enabled. This results in a core dump and restart of the Connection Conversation Manager process.

Recommendations For Cisco Unity Connection versions 8.5 through 8.5(1)SU6, update to version 8.5(1)SU7 or later. For Cisco Unity Connection versions 8.6 through 8.6(2a)SU3, update to version 8.6(2a)SU4 or later. For Cisco Unity Connection versions 9.x through 9.1(2)SU1, update to version 9.1(2)SU2 or later. For Cisco Unity Connection versions 10.0 through 10.0(1)SU0, update to version 10.0(1)SU1 or later.