DoS Vulnerabilities Patched in Cisco Unity Connection

Cisco has addressed several denial-of-service (DoS) vulnerabilities in Cisco Unity Connection, the company’s unified messaging platform.

The security holes affect Cisco Unity Connection version 10.0 and prior, but only if the product is configured with Session Initiation Protocol (SIP) trunk integration. Skinny Call Control Protocol (SCCP) integrations are not impacted.

One of the flaws patched by Cisco exists in the Connection Conversation Manager (CuCsMgr) process due to the incorrect processing of certain UDP packets (CVE-2015-0612). A remote attacker can exploit the bug to cause the SIP network port UDP 5060 to close by sending a specially crafted UDP packet to the targeted device. Once the port is closed, Unity Connection can no longer process any calls, Cisco said in its advisory.

Two other CuCsMgr vulnerabilities can be leveraged to trigger a core dump of the process and cause a DoS condition by sending specially crafted SIP INVITE messages to the Cisco Unity Connection server (CVE-2015-0613, CVE-2015-0614). The flaws are caused by the incorrect processing of crafted SIP INVITE messages and they can be exploited over UDP, TCP, or TLS connections. These security holes are similar, but they are not the same because a different part of the SIP INVITE message is processed incorrectly in each case, Cisco noted.

A similar vulnerability (CVE-2015-0616) is caused by the incorrect handling of abnormally terminated SIP conversations. An attacker can cause a core dump and a DoS condition by causing the incorrect termination of TCP SIP conversations.

Finally, Cisco has resolved a flaw that can be exploited by a remote attacker to cause all SIP ports to become busy (CVE-2015-0615). All SIP connection lines can be blocked because in some scenarios allocated resources are not released properly. Once a DoS condition is triggered, the only way to restore service is by restarting the conversation manager.

All of these vulnerabilities can be exploited over both IPv4 and IPv6 communications.

Cisco has released updates for each of the affected versions of the software. Cisco Unity Connection 10.5 and certain 10.0 releases are not affected.

The company says it’s not aware of instances where these vulnerabilities have been used for malicious purposes, but some network scanners are known to exploit CVE-2015-0612.

In addition to the vulnerabilities affecting Cisco Unity Connection, the company patched a security bug in Cisco Prime Data Center Network Manager (DCNM). The product is plagued by a file information disclosure vulnerability that can be exploited by a remote, unauthenticated attacker to retrieve arbitrary files from the underlying operating system.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
