Sign-up

ID

VAR-201209-0230


CVE

CVE-2012-3096


TITLE

Cisco Unity Connection Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-004404

DESCRIPTION

Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug ID CSCtd79132. Unity Connection is prone to a denial-of-service vulnerability. Cisco Unity is an advanced unified communications solution for enterprise-level organizations that can provide powerful messaging services and intelligent voice messaging services. Vulnerabilities exist in Cisco Unity Connection (UC) versions 7.1, 8.0, 8.5

Trust: 1.98

sources: NVD: CVE-2012-3096 // JVNDB: JVNDB-2012-004404 // BID: 78181 // VULHUB: VHN-56377

AFFECTED PRODUCTS

vendor:ciscomodel:unity connectionscope:eqversion:8.5

Trust: 2.7

vendor:ciscomodel:unity connectionscope:eqversion:8.0

Trust: 2.7

vendor:ciscomodel:unity connectionscope:eqversion:7.1

Trust: 2.7

sources: BID: 78181 // JVNDB: JVNDB-2012-004404 // CNNVD: CNNVD-201209-354 // NVD: CVE-2012-3096

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-3096
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-3096
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201209-354
value: MEDIUM

Trust: 0.6

VULHUB: VHN-56377
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-3096
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-56377
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-56377 // JVNDB: JVNDB-2012-004404 // CNNVD: CNNVD-201209-354 // NVD: CVE-2012-3096

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2012-004404 // NVD: CVE-2012-3096

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201209-354

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201209-354

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-004404

PATCH
title:Release Notes for Cisco Unity Connection Releases 7.1(5), 7.1(5a), and 7.1(5b)url:http://www.cisco.com/en/US/docs/voice_ip_comm/connection/7x/release/notes/715cucrn.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-004404

EXTERNAL IDS
db:NVDid:CVE-2012-3096
Trust: 2.8
db:JVNDBid:JVNDB-2012-004404
Trust: 0.8
db:CNNVDid:CNNVD-201209-354
Trust: 0.7
db:BIDid:78181
Trust: 0.4
db:XFid:78915
Trust: 0.3
db:VULHUBid:VHN-56377
Trust: 0.1
sources:
            
            
            VULHUB: VHN-56377 // 
            
            
            
            BID: 78181 // 
            
            
            
            JVNDB: JVNDB-2012-004404 // 
            
            
            
            CNNVD: CNNVD-201209-354 // 
            
            
            
            NVD: CVE-2012-3096

REFERENCES
url:http://www.cisco.com/en/us/docs/voice_ip_comm/connection/7x/release/notes/715cucrn.html
Trust: 2.0
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/78915
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3096
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3096
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/78915
Trust: 0.3
sources:
            
            
            VULHUB: VHN-56377 // 
            
            
            
            BID: 78181 // 
            
            
            
            JVNDB: JVNDB-2012-004404 // 
            
            
            
            CNNVD: CNNVD-201209-354 // 
            
            
            
            NVD: CVE-2012-3096

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 78181

SOURCES
db:VULHUBid:VHN-56377
db:BIDid:78181
db:JVNDBid:JVNDB-2012-004404
db:CNNVDid:CNNVD-201209-354
db:NVDid:CVE-2012-3096

LAST UPDATE DATE
2024-11-23T22:27:31.338000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-56377date:2017-08-29T00:00:00
db:BIDid:78181date:2012-09-16T00:00:00
db:JVNDBid:JVNDB-2012-004404date:2012-09-18T00:00:00
db:CNNVDid:CNNVD-201209-354date:2012-09-19T00:00:00
db:NVDid:CVE-2012-3096date:2024-11-21T01:40:12.363

SOURCES RELEASE DATE
db:VULHUBid:VHN-56377date:2012-09-16T00:00:00
db:BIDid:78181date:2012-09-16T00:00:00
db:JVNDBid:JVNDB-2012-004404date:2012-09-18T00:00:00
db:CNNVDid:CNNVD-201209-354date:2012-09-19T00:00:00
db:NVDid:CVE-2012-3096date:2012-09-16T10:34:50.690