CVE-2015-0612
First published: Fri Apr 03 2015(Updated: )
The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unity Connection | =8.5\(1\) | |
| Cisco Unity Connection | =8.5\(1\)su1 | |
| Cisco Unity Connection | =8.5\(1\)su2 | |
| Cisco Unity Connection | =8.5\(1\)su3 | |
| Cisco Unity Connection | =8.5\(1\)su4 | |
| Cisco Unity Connection | =8.5\(1\)su5 | |
| Cisco Unity Connection | =8.6\(1\) | |
| Cisco Unity Connection | =8.6\(1a\) | |
| Cisco Unity Connection | =8.6\(2\) | |
| Cisco Unity Connection | =8.6\(2a\) | |
| Cisco Unity Connection | =8.6\(2a\)su1 | |
| Cisco Unity Connection | =8.6\(2a\)su2 | |
| Cisco Unity Connection | =8.6\(2a\)su3 | |
| Cisco Unity Connection | =9.0\(1\) | |
| Cisco Unity Connection | =9.1\(1\) | |
| Cisco Unity Connection | =9.1\(2\) | |
| Cisco Unity Connection 8.5 | =base | |
| Cisco Unity Connection 8.6 | =base |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-0612?
CVE-2015-0612 has been classified with a high severity due to its potential to cause denial of service attacks.
How do I fix CVE-2015-0612?
To mitigate CVE-2015-0612, it is recommended to update to the latest software version through Cisco's official updates.
What systems are affected by CVE-2015-0612?
CVE-2015-0612 affects Cisco Unity Connection versions 8.5, 8.6, and 9.x before specified service updates.
What kind of attack does CVE-2015-0612 allow?
CVE-2015-0612 allows attackers to perform denial of service via crafted UDP packets.
What steps can be taken to prevent CVE-2015-0612 exploitation?
Preventing CVE-2015-0612 exploitation involves applying software updates and implementing network security measures to filter malicious traffic.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/cisco
- canonical/cisco unity connection
- version/cisco unity connection/8.5\(1\)
- version/cisco unity connection/8.5\(1\)su1
- version/cisco unity connection/8.5\(1\)su2
- version/cisco unity connection/8.5\(1\)su3
- version/cisco unity connection/8.5\(1\)su4
- version/cisco unity connection/8.5\(1\)su5
- version/cisco unity connection/8.6\(1\)
- version/cisco unity connection/8.6\(1a\)
- version/cisco unity connection/8.6\(2\)
- version/cisco unity connection/8.6\(2a\)
- version/cisco unity connection/8.6\(2a\)su1
- version/cisco unity connection/8.6\(2a\)su2
- version/cisco unity connection/8.6\(2a\)su3
- version/cisco unity connection/9.0\(1\)
- version/cisco unity connection/9.1\(1\)
- version/cisco unity connection/9.1\(2\)
- canonical/cisco unity connection 8.5
- version/cisco unity connection 8.5/base
- canonical/cisco unity connection 8.6
- version/cisco unity connection 8.6/base