Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

  * Administrative level access via default user names and passwords
  * Privilege escalation
  * A denial of service (DoS) condition

Cisco has released free software updates available for affected
customers. Workarounds that mitigate some of the vulnerabilities are
available.

Note: These vulnerabilities are independent of each other. A device
may be affected by one vulnerability and not affected by another.


Cisco Security Advisory: Multiple vulnerabilities in Cisco PGW Softswitch

SIP implementation, and one vulnerability is in the MGCP
implementation.

The following vulnerabilities can cause affected devices to crash:

  * CSCsl39126 (registered customers only), CVE ID CVE-2010-0601
  * CSCsk32606 (registered customers only), CVE ID CVE-2010-0602
  * CSCsk40030 (registered customers only), CVE ID CVE-2010-0603
  * CSCsk38165 (registered customers only), CVE ID CVE-2010-0604
  * CSCsk44115 (registered customers only), CVE ID CVE-2010-1561
  * CSCsj98521 (registered customers only), CVE ID CVE-2010-1562

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices

a malformed request to an affected device via TCP port 8082.

An attacker must perform a three-way TCP handshake and establish a
valid session to exploit this vulnerability.

  * Cisco TelePresence endpoint - CSCtb31640 (registered customers
    only) has been assigned the CVE identifier CVE-2011-0372

CGI Command Injection

Multiple CGI command injection vulnerabilities exist in Cisco

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server

An attacker must perform a three-way TCP handshake and establish a
valid session to exploit these vulnerabilities.

  * Cisco TelePresence Recording Server - CSCtf42005 (registered
    customers only) has been assigned the CVE identifier
    CVE-2011-0383.

CGI Command Injection
+--------------------


Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

  * Cisco Unified Communications Manager 6.x
  * Cisco Unified Communications Manager 7.x
  * Cisco Unified Communications Manager 8.x

Note: Cisco Unified Communications Manager version 5.1 reached end of
software maintenance on February 13, 2010. Customers who are using
Cisco Unified Communications Manager 5.x versions should contact
their Cisco support team for assistance in upgrading to a supported
version of Cisco Unified Communications Manager.

Products Confirmed Not Vulnerable

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator

Default credentials are assigned for several predefined user accounts
on the device including the administrative user account. Any user
with network access to the device can log in as an administrator and
take complete control over the vulnerable device.

  * CSCtb83495 (registered customers only) has been assigned the CVE
    identifier CVE-2010-0595.

Privilege escalation
+-------------------


Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

80, 443, or 8080.

An attacker must perform a three-way TCP handshake and establish a
valid session to exploit these vulnerabilities.

  * CTMS - CSCtf42008 (registered customers only) has been assigned
    the CVE identifier CVE-2011-0383.
  * CTMS - CSCtf01253 (registered customers only) has been assigned
    the CVE identifier CVE-2011-0384.

Unauthenticated Arbitrary File Upload

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

  * NTLMv1 Authentication Bypass Vulnerability

Because the Cisco PIX 500 Series Security Appliances reached End of
Software Maintenance Releases on July 28, 2009, no further software
releases will be available for the Cisco PIX 500 Series Security
Appliances. Cisco PIX 500 Series Security Appliances customers are
encouraged to migrate to Cisco ASA 5500 Series Adaptive Security
Appliances or to implement any applicable workarounds that are listed
in the "Workarounds" section of this advisory. Fixed software is
available for the Cisco ASA 5500 Series Adaptive Security Appliances.
For more information, refer to the End of Life announcement at:

Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client

A workaround exists for one of the two vulnerabilities disclosed in this
advisory.

Cisco has made free software available to address these vulnerabilities
for affected customers.

This advisory is posted at 
http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml.

Affected Products

Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability

    |------------------------------------+--------------------------|
    | 4.0.1 on Microsoft Windows         | 4.0.1                    |
    +---------------------------------------------------------------+

    Note: CiscoWorks LAN Management Solution versions prior to 3.2
    reached end of software maintenance. Customers should contact
    their Cisco support team for assistance in upgrading to a
    supported version of CiscoWorks LAN Management Solution.

  * Cisco Security Manager


Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module

information about the affected version.

Cisco PIX Security Appliances may be affected by some of the
vulnerabilities described in this security advisory. Cisco PIX has
reached end of maintenance support. Cisco PIX Security Appliance
customers are encouraged to migrate to Cisco ASA 5500 Series Adaptive
Security Appliances. Consult the dedicated section for Cisco PIX
Security Appliances in the "Vulnerable Products" section of this
security advisory for more information about affected versions.

Vulnerable Products

Cisco Security Advisory: Cisco Voice Portal Privilege Escalation Vulnerability

For Public Release 2008 May 21 1600 UTC (GMT)

Summary
=======

A vulnerability exists in the Cisco Unified Customer Voice Portal (CVP)
where an authenticated user can create, modify, or delete a superuser
account. Cisco has released free software updates that address this
vulnerability.

This advisory is posted at

Cisco Security Advisory: Cisco Content Services Gateway Vulnerabilities

A service policy bypass vulnerability exists in the Cisco Content
Services Gateway - Second Generation (CSG2), which runs on the
Cisco Service and Application Module for IP (SAMI). Under certain
configurations this vulnerability could allow:

  * Customers to access sites that would normally match a billing
    policy without the access being charged to the end customer
  * Customers to access sites that would normally be denied based on
    configured restriction policies

Additionally, Cisco IOS Software Release 12.4(24)MD1 on the Cisco

Cisco Security Advisory: Vulnerabilities in Unified Contact Center Express Administration Pages

Summary
=======

Cisco Unified Contact Center Express (Cisco Unified CCX) server contains
both a directory traversal vulnerability and a script injection
vulnerability in the administration pages of the Customer Response
Solutions (CRS) and Cisco Unified IP Interactive Voice Response (Cisco
Unified IP IVR) products. Exploitation of these vulnerabilities could
result in a denial of service condition, information disclosure, or a
privilege escalation attack.


Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service

A device with the SSH server enabled is vulnerable.

These vulnerabilities are documented in Cisco Bug IDs:

  * CSCsk42419 (registered customers only)
  * CSCsk60020 (registered customers only)
  * CSCsh51293 (registered customers only)

Vulnerability Scoring Details
=============================

Cisco Security Advisory: Denial of Service Vulnerabilities in Content Switching Module

a denial of service (DoS) condition. The first vulnerability exists
when processing TCP packets, and the second vulnerability affects
devices with service termination enabled.

Cisco has made free software available to address these
vulnerabilities for affected customers.

This advisory is posted at
http://www.cisco.com/warp/public/707/cisco-sa-20070905-csm.shtml

Affected Products

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection

|----------------------+----------------|
| 8.6                  | No             |
+---------------------------------------+

Note: Cisco Unity Connection versions prior to 7.1 reached end of
software maintenance. Customers running versions prior to 7.1 should
contact their Cisco support team for assistance in upgrading to a
supported version of Cisco Unity Connection.

Cisco Unity Connection Denial of Service Vulnerability


Cisco Security Advisory: Cisco IOS MPLS VPN May Leak Information

=======

Devices running Cisco IOS versions 12.0S, 12.2, 12.3 or 12.4 and
configured for Multiprotocol Label Switching (MPLS) Virtual Private
Networks (VPNs) or VPN Routing and Forwarding Lite (VRF Lite) and
using Border Gateway Protocol (BGP) between Customer Edge (CE) and
Provider Edge (PE) devices may permit information to propagate
between VPNs.

Workarounds are available to help mitigate this vulnerability.


Cisco Security Advisory: Cisco Wireless Control System Conversion Utility Adds Default Password

Summary
=======

Customers who use the CiscoWorks Wireless LAN Solution Engine (WLSE) may use a
conversion utility to convert over to a Cisco Wireless Control System (WCS).
This conversion utility creates and uses administrative accounts with default
credentials. Because there is no requirement to change these credentials during
the conversion process, an attacker may be able to leverage the accounts that
have default credentials to take full administrative control of the WCS after

Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities

  * Cisco Unified Communications Manager 6.x
  * Cisco Unified Communications Manager 7.x
  * Cisco Unified Communications Manager 8.x

Note: Cisco Unified Communications Manager version 6.1 reached the
End of Software Maintenance on September 3, 2011. Customers using
Cisco Unified Communications Manager 6.x versions should contact
their Cisco support team for assistance in upgrading to a supported
version of Cisco Unified Communications Manager.

Products Confirmed Not Vulnerable

Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities

These vulnerabilities are triggered by a crafted Session Initiation
Protocol (SIP) packet that is sent to an affected device on either
TCP or UDP ports 5060 or 5061.

These vulnerabilities are documented in Cisco bug IDs CSCtr20426
(registered customers only) and CSCtq73319 (registered customers
only), and have been assigned Common Vulnerabilities and Exposures (CVE)
IDs CVE-2012-0330 and CVE-2012-0331, respectively.

Vulnerability Scoring Details
+----------------------------

Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps organizations determine the urgency and priority of
a response.

Cisco has provided a base and temporal score. Customers can also
compute environmental scores that help determine the impact of the
vulnerability in their own networks.

Cisco has provided additional information regarding CVSS at the
following link:

Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability

    |                                              |8.4             |
    |                                              |8.6             |
    +---------------------------------------------------------------+

    Note: Cisco ASA Software version 7.0 and 7.1 have reached end of
    software maintenance.  Customers who are using Cisco ASA Software
    version 7.0 or 7.1 should contact their Cisco support team for
    assistance in upgrading to a supported version of Cisco ASA
    Software.

    Note: The affected implementation of the Cisco Clientless VPN

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability

example.

    FWSM#show version
    FWSM Firewall Version 3.2(3)

Customers who use the Cisco Adaptive Security Device Manager (ASDM) to
manage their devices can find the version of the software displayed in
the table in the login window or in the upper left corner of the ASDM
window. The version notation is similar to the following example.

    FWSM Version: 3.2(3)

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

use one of the following methods:

  * In the web interface, choose the Monitor tab, click Summary in
    the left pane, and note the Software Version field.
   
    Note:  Customers who use a WLC Module in an Integrated Services
    Router (ISR) will need to issue the service-module
    wlan-controller 1/0 session command prior to performing the next
    step on the command line. Customers who use a Cisco Catalyst
    3750G Switch with an integrated WLC Module will need to issue the
    session <Stack-Member-Number> processor 1 session command prior

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability
severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then
compute environmental scores to assist in determining the impact of the
vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding
CVSS at

Cisco Security Advisory: Cisco Global Site Selector Appliances DNS Vulnerability

vulnerability.

Details
=======

The Cisco GSS platform allows customers to leverage global content
deployment across multiple distributed and mirrored data locations,
optimizing site selection, improving Domain Name System (DNS)
responsiveness, and ensuring data center availability.

The GSS is inserted into the traditional DNS hierarchy and is closely

Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and Cisco ASA

        Cisco Adaptive Security Appliance Software Version 8.0(4)
        Device Manager Version 6.0(1)

        [...]

Customers who use the Cisco Adaptive Security Device Manager (ASDM) to
manage their devices can find the version of the software displayed in
the table in the login window or in the upper left corner of the ASDM
window.

Products Confirmed Not Vulnerable
