CVE-2015-0615

CWE-19CWE-20 โ€” Improper Input ValidationCWE-3995 documents5 sources
Severity
7.1HIGH
EPSS
0.4%
top 39.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unity Connection
Timeline
PublishedApr 3
Latest updateMay 17

Description

The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sessions, aka Bug ID CSCul28089.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

โ–ถNVDcisco/unity_connection21 versions+20

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-j9x6-5wqj-262h: The call-handling implementation in Cisco Unity Connection 8โ†—2022-05-17
โ–ถ
CVEList
CVE-2015-0615: The call-handling implementation in Cisco Unity Connection 8โ†—2015-04-03
โ–ถ

๐Ÿ“‹Vendor Advisories

2
Juniper
CVE-2016-1271: Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3โ†—2016-04-15
โ–ถ
Cisco
Multiple Vulnerabilities in Cisco Unity Connectionโ†—2015-04-01
โ–ถ
CVE-2015-0615 (HIGH CVSS 7.1) | The call-handling implementation in | cvebase.io