VDB-124899 · CVE-2018-15396Cisco Unity Connection Bulk Administration Tool Connection Request サービス拒否エントリ履歴差分jsonxmlCTIフィールド2018年10月06日 11:112020年03月30日 16:31typeUnified Communication SoftwareUnified Communication SoftwarevendorCiscoCisconameUnity ConnectionUnity ConnectioncomponentBulk Administration ToolBulk Administration Toolinput_typeConnection RequestConnection Requestcwe399 (サービス拒否)399 (サービス拒否)risk11cvss2_vuldb_basescore3.53.5cvss2_vuldb_tempscore3.03.0cvss2_vuldb_avNNcvss2_vuldb_acMMcvss2_vuldb_auSScvss2_vuldb_ciNNcvss2_vuldb_iiNNcvss2_vuldb_aiPPcvss2_nvd_avNNcvss2_nvd_acLLcvss2_nvd_auSScvss2_nvd_ciNNcvss2_nvd_iiNNcvss2_nvd_aiPPcvss3_meta_basescore5.55.5cvss3_meta_tempscore5.35.3cvss3_vuldb_basescore4.34.3cvss3_vuldb_tempscore4.14.1cvss3_vuldb_avNNcvss3_vuldb_acLLcvss3_vuldb_prLLcvss3_vuldb_uiNNcvss3_vuldb_sUUcvss3_vuldb_cNNcvss3_vuldb_iNNcvss3_vuldb_aLLcvss3_nvd_avNNcvss3_nvd_acLLcvss3_nvd_prHHcvss3_nvd_uiNNcvss3_nvd_sCCcvss3_nvd_cNNcvss3_nvd_iNNcvss3_nvd_aHHdate1538690400 (2018年10月05日)1538690400 (2018年10月05日)locationWebsiteWebsitetypeAdvisoryAdvisoryurlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-unity-doshttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-unity-dosidentifiercisco-sa-20181003-unity-doscisco-sa-20181003-unity-dosprice_0day$0-$5k$0-$5knameUpgradeUpgradecveCVE-2018-15396CVE-2018-15396cve_assigned1534456800 (2018年08月17日)1534456800 (2018年08月17日)cve_nvd_published15386976001538697600cve_nvd_summaryA vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition.A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not restrict the maximum size of certain files that can be written to disk. An attacker who has valid administrator credentials for an affected system could exploit this vulnerability by sending a crafted, remote connection request to an affected system. A successful exploit could allow the attacker to write a file that consumes most of the available disk space on the system, causing application functions to operate abnormally and leading to a DoS condition.cvss2_vuldb_eNDNDcvss2_vuldb_rlOFOFcvss2_vuldb_rcCCcvss3_vuldb_eXXcvss3_vuldb_rlOOcvss3_vuldb_rcCC0day_days22cvss3_nvd_basescore6.86.8discoverydate1538524800◂ 前概要次 ▸Do you need the next level of professionalism?Upgrade your account now!