Multiple Vulnerabilities in Cisco Unified Communications Manager

Advisory ID: cisco-sa-20130717-cucm · Severity: Medium

Cisco Unified Communications Manager (Unified CM) contains multiple vulnerabilities that could be used together to allow an unauthenticated, remote attacker to gather user credentials, escalate privileges, and execute commands to gain full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify information in Cisco Unified CM.

On June 6, 2013, a French security firm, Lexfo, delivered a public presentation on VoIP security that included a demonstration of multiple vulnerabilities used to compromise Cisco Unified CM. During the presentation, the researchers demonstrated a multistaged attack that chained a number of vulnerabilities, which resulted in a complete compromise of the Cisco Unified CM server. The attack chain used the following types of vulnerabilities:

- Blind Structured Query Language (SQL) injection
- Command injection
- Privilege escalation

Cisco PSIRT greatly appreciates the opportunity to work with researchers on security vulnerabilities and welcomes the opportunity to review and assist in product reports.

Cisco has released a Cisco Options Package (COP) file that addresses three of the vulnerabilities documented in this advisory. Cisco is currently investigating the remaining vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm

Workarounds

There are no workarounds for the vulnerabilities described in this document.

Additional workaround details are available in the companion Applied Mitigation Bulletin (AMB) at the following location: http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=29846

CVEs: CVE-2013-3402, CVE-2013-3403, CVE-2013-3404, CVE-2013-3412, CVE-2013-3433, CVE-2013-3434

Cisco Bug IDs: CSCsc69187, CSCuh01051, CSCuh73440, CSCuh73454, CSCuh81766, CSCuh87042, CSCui01756, CSCui02242, CSCui02276

CVSS Score (highest base): 6.5

CVSS base scores and vectors (CVSS v2, with temporal metrics), one per vulnerability:

Base 6.5  AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:U/RC:C
Base 6.4  AV:N/AC:L/Au:N/C:P/I:P/A:N/E:F/RL:TF/RC:C
Base 5.5  AV:N/AC:L/Au:S/C:P/I:P/A:N/E:F/RL:U/RC:C
Base 6.8  AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:U/RC:C
Base 6.8  AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:TF/RC:C

Product Names From Source: Cisco Unified Presence Server, Cisco Unified Communications Manager

Related Products

Each listed product is associated with all six CVEs of this advisory; the evidence source for every row is Cisco OpenVuln.

Product                                 CVEs                                                                                    Evidence
Cisco RV Series Routers                 CVE-2013-3402, CVE-2013-3403, CVE-2013-3404, CVE-2013-3412, CVE-2013-3433, CVE-2013-3434  Cisco OpenVuln
Cisco Nexus Dashboard                   CVE-2013-3402, CVE-2013-3403, CVE-2013-3404, CVE-2013-3412, CVE-2013-3433, CVE-2013-3434  Cisco OpenVuln
Cisco Unified Presence Server           CVE-2013-3402, CVE-2013-3403, CVE-2013-3404, CVE-2013-3412, CVE-2013-3433, CVE-2013-3434  Cisco OpenVuln
Cisco Unified Communications Manager    CVE-2013-3402, CVE-2013-3403, CVE-2013-3404, CVE-2013-3412, CVE-2013-3433, CVE-2013-3434  Cisco OpenVuln