Cisco-SA-20081009-CVE-2008-4544

Cisco Unity Connection Exhaustion Denial of Service Vulnerability

Cisco-SA-20081009-CVE-2008-4544 · Medium · Published 17 years ago · Updated 17 years ago

Cisco Unity contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.  This vulnerability exists due to improper handling of network messages.  An unauthenticated, remote attacker to exploit this vulnerability to render the Cisco Unity server unavailable, which may deny legitimate users access to the affected system. Cisco confirmed this vulnerability, but updated software is not available. Attackers may require access to trusted, internal networks to connect to an affected system.  An exploit could prevent the establishment of further connections with the affected system.  This denial of service condition could prevent users from accessing the Cisco Unity server.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply updates as they become available.

Administrators are advised to restrict access to affected systems to trusted networks.

Administrators are advised to monitor affected systems for signs of exploitation.

CVEs	CVE-2008-4544
Cisco Bug IDs	NA
CVSS Score	Base 5.0 Base 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:W/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source	Cisco Unity

Related Products

Product	CVE	Evidence

Vulnslist

find the latest Cisco vulnerabilities

Cisco Unity Connection Exhaustion Denial of Service Vulnerability

Workarounds

Related Products