Vulnerabilities exist in versions 7.1, 8.5,. 8.6, 9.0 and 9.1 of the company s popular VoIP processing system. The company says it isn t aware that any of the vulnerabilities are being maliciously exploited. Patches are available on for all three versions (7, 8 and 9) of the software although 85 users are explicitly being asked to upgrade to.8.6 to ensure they fix all the issues.
Source: https://threatpost.com/cisco-patches-dos-buffer-overflow-vulnerabilities-in-ucm/102063/