CVE-2015-0612 - Vulnerability Details

Vendors	Products
Cisco	Unity Connection Unity Connection 8.5 Unity Connection 8.6

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc
http://www.securitytracker.com/id/1032010

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-01T00:00:00", "descriptions": [{"lang": "en", "value": "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-04-08T17:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20150401 Multiple Vulnerabilities in Cisco Unity Connection", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"}, {"name": "1032010", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032010"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2015-0612", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20150401 Multiple Vulnerabilities in Cisco Unity Connection", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"}, {"name": "1032010", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032010"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:17:32.733Z"}, "title": "CVE Program Container", "references": [{"name": "20150401 Multiple Vulnerabilities in Cisco Unity Connection", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"}, {"name": "1032010", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032010"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2015-0612", "datePublished": "2015-04-03T18:00:00", "dateReserved": "2015-01-07T00:00:00", "dateUpdated": "2024-08-06T04:17:32.733Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-04-01T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2015-04-08T17:57:00 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 20150401 Multiple Vulnerabilities in Cisco Unity Connection (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc (string)

}

1 : { »

name : 1032010 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1032010 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2015-0612 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20150401 Multiple Vulnerabilities in Cisco Unity Connection (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc (string)

}

1 : { »

name : 1032010 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1032010 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T04:17:32.733Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20150401 Multiple Vulnerabilities in Cisco Unity Connection (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc (string)

}

1 : { »

name : 1032010 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1032010 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2015-0612 (string)

datePublished : 2015-04-03T18:00:00 (string)

dateReserved : 2015-01-07T00:00:00 (string)

dateUpdated : 2024-08-06T04:17:32.733Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "101FCDD0-DC91-4111-975E-DE618D3B4E9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "D386D8CD-D6EA-4705-ABDC-EA6558F5AC30", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\)su2:*:*:*:*:*:*:*", "matchCriteriaId": "D4B1917B-197C-4E28-9356-2ACC4C4DB932", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\)su3:*:*:*:*:*:*:*", "matchCriteriaId": "5567A000-338E-40D7-9481-674B8FFC142D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\)su4:*:*:*:*:*:*:*", "matchCriteriaId": "AA991A88-D49E-4957-B404-6E3C15C96994", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.5\\(1\\)su5:*:*:*:*:*:*:*", "matchCriteriaId": "BECA1F06-6FFD-4A0D-B140-B25E39FB8513", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C547C041-6C58-44D5-93D7-C02E04E93994", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(1a\\):*:*:*:*:*:*:*", "matchCriteriaId": "C40F61A6-A992-4DA4-9730-D145055596C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "78970987-BD6E-48A0-AF43-540C925E1F97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(2a\\):*:*:*:*:*:*:*", "matchCriteriaId": "632B8CDD-5ACC-4FFB-950B-480CC43D192D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(2a\\)su1:*:*:*:*:*:*:*", "matchCriteriaId": "7740A5EF-538E-4095-91F5-E4DC03EDB35B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(2a\\)su2:*:*:*:*:*:*:*", "matchCriteriaId": "D805DD4A-269D-4399-B6BF-7F40F98C3BE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:8.6\\(2a\\)su3:*:*:*:*:*:*:*", "matchCriteriaId": "A06A53BA-668B-41C0-B223-6637487EF113", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:9.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "6793E1F6-DC57-4A13-B49D-0ED45E48426C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:9.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "50CD06E4-0C09-4DD7-B106-56DC680CE333", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection:9.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BA2751A8-A3CF-4CC7-A7F2-003165C1AEDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection_8.5:base:*:*:*:*:*:*:*", "matchCriteriaId": "281886E5-AD01-410C-9014-167AF095CBD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unity_connection_8.6:base:*:*:*:*:*:*:*", "matchCriteriaId": "E2B7575D-4518-4654-8EF9-DEC16A151F82", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062."}, {"lang": "es", "value": "El proceso Connection Conversation Manager (tambi\u00e9n conocido como CuCsMgr) en Cisco Unity Connection 8.5 anterior a 8.5(1)SU6, 8.6 anterior a 8.6(2a)SU4, y 9.x anterior a 9.1(2)SU2, cuando la integraci\u00f3n SIP 'trunk' est\u00e1 habilitada, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del SIP) a trav\u00e9s de un paquete UDP manipulado, tambi\u00e9n conocido como Bug ID CSCuh25062."}], "id": "CVE-2015-0612", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-03T18:59:00.067", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1032010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032010"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-19"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\):*:*:*:*:*:*:* (string)

matchCriteriaId : 101FCDD0-DC91-4111-975E-DE618D3B4E9A (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\)su1:*:*:*:*:*:*:* (string)

matchCriteriaId : D386D8CD-D6EA-4705-ABDC-EA6558F5AC30 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\)su2:*:*:*:*:*:*:* (string)

matchCriteriaId : D4B1917B-197C-4E28-9356-2ACC4C4DB932 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\)su3:*:*:*:*:*:*:* (string)

matchCriteriaId : 5567A000-338E-40D7-9481-674B8FFC142D (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\)su4:*:*:*:*:*:*:* (string)

matchCriteriaId : AA991A88-D49E-4957-B404-6E3C15C96994 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.5\(1\)su5:*:*:*:*:*:*:* (string)

matchCriteriaId : BECA1F06-6FFD-4A0D-B140-B25E39FB8513 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(1\):*:*:*:*:*:*:* (string)

matchCriteriaId : C547C041-6C58-44D5-93D7-C02E04E93994 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(1a\):*:*:*:*:*:*:* (string)

matchCriteriaId : C40F61A6-A992-4DA4-9730-D145055596C2 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(2\):*:*:*:*:*:*:* (string)

matchCriteriaId : 78970987-BD6E-48A0-AF43-540C925E1F97 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(2a\):*:*:*:*:*:*:* (string)

matchCriteriaId : 632B8CDD-5ACC-4FFB-950B-480CC43D192D (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(2a\)su1:*:*:*:*:*:*:* (string)

matchCriteriaId : 7740A5EF-538E-4095-91F5-E4DC03EDB35B (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(2a\)su2:*:*:*:*:*:*:* (string)

matchCriteriaId : D805DD4A-269D-4399-B6BF-7F40F98C3BE0 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:unity_connection:8.6\(2a\)su3:*:*:*:*:*:*:* (string)

matchCriteriaId : A06A53BA-668B-41C0-B223-6637487EF113 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:unity_connection:9.0\(1\):*:*:*:*:*:*:* (string)

matchCriteriaId : 6793E1F6-DC57-4A13-B49D-0ED45E48426C (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:unity_connection:9.1\(1\):*:*:*:*:*:*:* (string)

matchCriteriaId : 50CD06E4-0C09-4DD7-B106-56DC680CE333 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:unity_connection:9.1\(2\):*:*:*:*:*:*:* (string)

matchCriteriaId : BA2751A8-A3CF-4CC7-A7F2-003165C1AEDB (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:unity_connection_8.5:base:*:*:*:*:*:*:* (string)

matchCriteriaId : 281886E5-AD01-410C-9014-167AF095CBD5 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:unity_connection_8.6:base:*:*:*:*:*:*:* (string)

matchCriteriaId : E2B7575D-4518-4654-8EF9-DEC16A151F82 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062. (string)

}

1 : { »

lang : es (string)

value : El proceso Connection Conversation Manager (también conocido como CuCsMgr) en Cisco Unity Connection 8.5 anterior a 8.5(1)SU6, 8.6 anterior a 8.6(2a)SU4, y 9.x anterior a 9.1(2)SU2, cuando la integración SIP 'trunk' está habilitada, permite a atacantes remotos causar una denegación de servicio (interrupción del SIP) a través de un paquete UDP manipulado, también conocido como Bug ID CSCuh25062. (string)

}

]

id : CVE-2015-0612 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.1 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2015-04-03T18:59:00.067 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc (string)

}

1 : { »

source : psirt@cisco.com (string)

url : http://www.securitytracker.com/id/1032010 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150401-cuc (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1032010 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-19 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object