CVE-2015-0616Improper Input Validation in Cisco Unity Connection

CWE-19CWE-20Improper Input ValidationCWE-3994 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.4%
top 39.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unity Connection
Timeline
PublishedApr 3
Latest updateMay 17

Description

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) by improperly terminating SIP TCP connections, aka Bug ID CSCul69819.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDcisco/unity_connection19 versions+18

🔴Vulnerability Details

2
GHSA
GHSA-gf64-925h-9qrw: The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 82022-05-17
CVEList
CVE-2015-0616: The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 82015-04-03

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco Unity Connection2015-04-01
CVE-2015-0616 — Improper Input Validation in Cisco | cvebase