Vulnerabilities > CVE-2018-0203 - Unspecified vulnerability in Cisco Unity Connection

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

cisco

NVD

Published: 2018-02-22

Updated: 2019-10-09

Summary

A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to the targeted application. A successful exploit could allow the attacker to send email messages to arbitrary addresses. Cisco Bug IDs: CSCvg62215.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unity Connection -	1

References

http://www.securityfocus.com/bid/103142
http://www.securitytracker.com/id/1040413
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cuc