Cisco Unauthorized Access Vulnerability

Cisco hat eine neue Security Advisory veröffentlicht:

Problembeschreibung

Eine Schwachstelle im Upgrade-Mechanismus von, auf der Cisco Voice Betriebssystem Software basierenden, Cisco Collaboration Produkten, könnte es einem nicht authentifizierten Angreifer ermöglichen einen erweiterten Zugriff auf ein betroffenes Gerät zu erlangen.

Betroffene Produkte

  • Cisco Unified Communications Manager (UCM)
  • Cisco Unified Communication Manager Session Management Edition (SME)
  • Cisco Emergency Responder
  • Cisco Unity Connection
  • Cisco Unified Communications Manager IM and Presence Service (IM&P; earlier releases were known as Cisco Unified Presence)
  • Cisco Prime License Manager
  • Cisco Hosted Collaboration Mediation Fulfillment
  • Cisco Unified Contact Center Express (UCCx)
  • Cisco SocialMiner
  • Cisco Unified Intelligence Center (UIC)
  • Cisco Finesse
  • Cisco MediaSense

Workaround/Solution

Cisco hat Software Updates veröffentlicht, die diese Schwachstelle beheben. Es gibt keinen Workaround der diese Schwachstelle adressiert.

Für detaillierte Informationen erreichen sie uns bitte unter support@nts.eu

Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability

Cisco has published a new security advisory:

Problem Description

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device.

Affected products

  • Cisco Unified Communications Manager (UCM)
  • Cisco Unified Communication Manager Session Management Edition (SME)
  • Cisco Emergency Responder
  • Cisco Unity Connection
  • Cisco Unified Communications Manager IM and Presence Service (IM&P; earlier releases were known as Cisco Unified Presence)
  • Cisco Prime License Manager
  • Cisco Hosted Collaboration Mediation Fulfillment
  • Cisco Unified Contact Center Express (UCCx)
  • Cisco SocialMiner
  • Cisco Unified Intelligence Center (UIC)
  • Cisco Finesse
  • Cisco MediaSense

 

Workaround/Solution

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

For detailed information please contact us via support@nts.eu

Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability