5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.001 Low
EPSS
Percentile
49.5%
Cisco Unity Connection contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
The vulnerability is due to the improper handling of user-supplied requests by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to an affected system. The processing of such requests could cause a DoS condition, denying access to legitimate users.
Cisco has confirmed the vulnerability; however, software updates are not available.
To exploit this vulnerability, an attacker would need access to trusted, internal networks to submit malicious requests to the targeted system. This access requirement decreases the likelihood of a successful exploit.
CPE | Name | Operator | Version |
---|---|---|---|
cisco unity connection | eq | any | |
cisco unity connection | eq | any |