SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (VoIP/Phone/FAX)  >   Cisco Unity Vendors:   Cisco
Cisco Unity Connection Bulk Administration Tool Validation Flaw Lets Remote Authenticated Users Consume Excessive Memory Resources
SecurityTracker Alert ID:  1041782
SecurityTracker URL:  http://securitytracker.com/id/1041782
CVE Reference:   CVE-2018-15396   (Links to External Site)
Date:  Oct 3 2018
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Unity Connection. A remote authenticated user can consume excessive memory on the target system.

A remote authenticated user can exploit a validation flaw in the Bulk Administration Tool (BAT) to cause high disk utilization and denial of service (DoS) conditions on the target system.

The vendor has assigned bug ID CSCvj79033 to this vulnerability.

Impact:   A remote authenticated user can consume excessive memory resources on the target system.
Solution:   The vendor has issued a fix.

The vendor advisory is available at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-unity-dos

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-unity-dos (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents

Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-unity-dos

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC