Vulnerabilities > CVE-2012-3060 - Resource Management Errors vulnerability in Cisco Unity Connection 8.6/9.0/9.5

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

NVD

Published: 2012-09-16

Updated: 2017-08-29

Summary

Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unity Connection 8.6 Cisco Unity Connection 9.0 Cisco Unity Connection 9.5	3

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.cisco.com/web/software/282074295/93949/cucm-readme-862asu2-Rev2.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/78922