PT-2015-4759 · Cisco · Cisco Unity Connection
Published
2015-04-03
·
Updated
2015-09-29
·
CVE-2015-0615
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Unity Connection versions 8.5 through 8.5(1)SU6
Cisco Unity Connection versions 8.6 through 8.6(2a)SU3
Cisco Unity Connection versions 9.x through 9.1(2)SU1
Cisco Unity Connection versions 10.0 through 10.0(1)
Description
The issue affects the call-handling implementation when SIP trunk integration is enabled, allowing remote attackers to cause a denial of service by improperly terminating SIP sessions.
Recommendations
For Cisco Unity Connection versions 8.5 through 8.5(1)SU6, update to version 8.5(1)SU7 or later.
For Cisco Unity Connection versions 8.6 through 8.6(2a)SU3, update to version 8.6(2a)SU4 or later.
For Cisco Unity Connection versions 9.x through 9.1(2)SU1, update to version 9.1(2)SU2 or later.
For Cisco Unity Connection versions 10.0 through 10.0(1), update to version 10.0(1)SU1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Unity Connection