Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
BID:29935
Info
Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
| Bugtraq ID: | 29935 |
| Class: | Access Validation Error |
| CVE: |
CVE-2008-2062 CVE-2008-2730 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 25 2008 12:00AM |
| Updated: | Jun 26 2008 06:00PM |
| Credit: | VoIPsheild |
| Vulnerable: |
Cisco Unified Communications Manager 6.1(1a) Cisco Unified Communications Manager 6.1(1) Cisco Unified Communications Manager 6.1 Cisco Unified Communications Manager 6.0(1) Cisco Unified Communications Manager 6.0 (1a) Cisco Unified Communications Manager 6.0 Cisco Unified Communications Manager 5.1(3a) Cisco Unified Communications Manager 5.1(3) Cisco Unified Communications Manager 5.1(2b) Cisco Unified Communications Manager 5.1(2a) Cisco Unified Communications Manager 5.1(2) Cisco Unified Communications Manager 5.1(1) Cisco Unified Communications Manager 4.3(2) Cisco Unified Communications Manager 4.3(1)Sr.1 Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.2(3)sr2 Cisco Unified Communications Manager 4.2 (3)SR3 Cisco Unified Communications Manager 4.2 (3)SR2b Cisco Call Manager 4.1 (3)SR2 Cisco Call Manager 4.1 (3)SR1 Cisco Call Manager 4.1 (3)ES32 Cisco Call Manager 4.1 (3)ES24 Cisco Call Manager 4.1 (3)ES07 Cisco Call Manager 4.1 (2)ES55 Cisco Call Manager 4.1 (2)ES50 Cisco Call Manager 4.1 (2)ES33 Cisco Call Manager 4.1(3)SR4 |
| Not Vulnerable: |
Cisco Unified Communications Manager 6.1(2) Cisco Unified Communications Manager 5.1(3C) Cisco Unified Communications Manager 4.3(2)SR1 Cisco Unified Communications Manager 4.2 (3)SR4 |
Discussion
Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
Cisco Unified Communications Manager (CUCM) is prone to an authentication-bypass vulnerability that affects the Real-Time Information Server (RIS) Data Collector service.
Attackers can exploit this issue to gain read-only access to potentially sensitive information about a CUCM cluster. Information harvested can aid in further attacks.
The following versions of CUCM are affected:
4.2 prior to 4.2(3)SR4
4.3 prior to 4.3(2)SR1
5.0 prior to 5.1(3c)
6.0 prior to 6.1(2)
Unified CallManager 4.1 versions are also affected.
Cisco Unified Communications Manager (CUCM) is prone to an authentication-bypass vulnerability that affects the Real-Time Information Server (RIS) Data Collector service.
Attackers can exploit this issue to gain read-only access to potentially sensitive information about a CUCM cluster. Information harvested can aid in further attacks.
The following versions of CUCM are affected:
4.2 prior to 4.2(3)SR4
4.3 prior to 4.3(2)SR1
5.0 prior to 5.1(3c)
6.0 prior to 6.1(2)
Unified CallManager 4.1 versions are also affected.
Exploit / POC
Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
Attackers can use readily available tools to exploit this issue.
Attackers can use readily available tools to exploit this issue.
Solution / Fix
Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
References
Cisco Unified Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability
References:
References:
- Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of th (Cisco)
- Cisco Unified Communications Manager (CallManager) (Cisco)
- Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service (Cisco Systems Product Security Incident Response Team
) - Serviceability Monitoring Tool Unauthenticated Access to Server Processes Functi (VoIPshield Systems Inc)