Cisco Unity Connection Memory Leak Denial of Service Vulnerability

Cisco Unity Connection contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to the improper handling of user-supplied requests by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to an affected system. The processing of such requests could cause a DoS condition, denying access to legitimate users.

Cisco has confirmed the vulnerability; however, software updates are not available.

To exploit this vulnerability, an attacker would need access to trusted, internal networks to submit malicious requests to the targeted system. This access requirement decreases the likelihood of a successful exploit.