Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2014.0195
A number of vulnerabilities have been identified in Cisco
Unified Communications Manager
13 February 2014
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Cisco Unified Communications Manager
Publisher: Cisco Systems
Operating System: Cisco
VMware ESX Server
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Cross-site Scripting -- Remote with User Interaction
Access Confidential Data -- Remote/Unauthenticated
Unauthorised Access -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2014-0728 CVE-2014-0727 CVE-2014-0726
CVE-2014-0725 CVE-2014-0724 CVE-2014-0723
CVE-2014-0722
Original Bulletin:
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0722
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0723
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0724
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0725
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0726
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0727
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0728
Comment: This bulletin contains seven (7) Cisco Systems security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
Cisco Security Notice
Cisco Unified Communications Manager Unauthenticated log4jinit Access
Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0722
CVE ID: CVE-2014-0722
Release Date: 2014 February 11 21:19 UTC (GMT)
Last Updated: 2014 February 11 21:19 UTC (GMT)
Summary
A vulnerability in the log4jinit web application of Cisco Unified
Communications Manager (UCM) could allow an unauthenticated, remote attacker
to access the log4jinit web application.
The vulnerability is due to insufficient authentication checking when
accessing the log4jinit web application. An attacker could exploit this
vulnerability by accessing the log4jinit web application. An exploit could
allow the attacker to generate activity within the log4jinit web application
and cause performance issues for users currently logged into the Cisco UCM
command line.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05347 5.0/5.0
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager IPMA Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0723
CVE ID: CVE-2014-0723
Release Date: 2014 February 11 21:28 UTC (GMT)
Last Updated: 2014 February 11 21:28 UTC (GMT)
Summary
A vulnerability in the Cisco IP Manager Assistant (IPMA) interface of Cisco
Unified Communications Manager (UCM) could allow an unauthenticated, remote
attacker to conduct a cross-site scripting (XSS) attack against a user of the
web interface on the affected system.
The vulnerability is due to insufficient input validation. An attacker could
exploit this vulnerability by convincing a user to access a malicious link.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05343 4.3/4.1
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager Arbitrary File Read Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0724
CVE ID: CVE-2014-0724
Release Date: 2014 February 11 21:35 UTC (GMT)
Last Updated: 2014 February 12 18:28 UTC (GMT)
Related Documents:
Summary
A vulnerability in the bulk administration interface of Cisco Unified
Communications Manager (UCM) could allow an authenticated, remote attacker to
read arbitrary files from the underlying file system.
The vulnerability is due to insufficient input validation. An attacker could
exploit this vulnerability by providing crafted input at a specific prompt in
the bulk administration interface. An exploit could allow the attacker to read
arbitrary files from the underlying operating system.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05340 4.0/3.8
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager WAR File Availability Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0725
CVE ID: CVE-2014-0725
Release Date: 2014 February 12 16:13 UTC (GMT)
Last Updated: 2014 February 12 16:13 UTC (GMT)
Summary
A vulnerability in the availability of Cisco Unified Communications Manager
(UCM) web archive (WAR) files could allow an unauthenticated, remote attacker
to access the files.
The vulnerability is due to missing authentication requirements on locations
that store WAR files. An attacker could exploit this vulnerability by
connecting to the file storage location and accessing the files without
providing authentication credentials. An exploit could allow the attacker to
gain access to sensitive information within the retrieved files.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05337 5.0/4.8
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager IPMA Blind SQL Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0726
CVE ID: CVE-2014-0726
Release Date: 2014 February 12 15:54 UTC (GMT)
Last Updated: 2014 February 12 19:58 UTC (GMT)
Related Documents:
Summary
A vulnerability in the Cisco Unified Communications Manager (UCM) IP Manager
Assistant (IPMA) interface could allow an unauthenticated, remote attacker to
impact the integrity of the system by executing arbitrary SQL queries.
The vulnerability is due to a lack of input validation on user-supplied input
within SQL queries. An attacker could exploit this vulnerability by sending
crafted URLs that include SQL statements to the affected system. An exploit
could allow the attacker to determine the presence of certain values in the
database.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05326 4.3/4.1
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager CMIVR Blind SQL Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0727
CVE ID: CVE-2014-0727
Release Date: 2014 February 12 15:55 UTC (GMT)
Last Updated: 2014 February 12 20:01 UTC (GMT)
Related Documents:
Summary
A vulnerability in the Cisco Unified Communications Manager (UCM) Unified
CallManager Interactive Voice Response (CMIVR) interface could allow an
unauthenticated, remote attacker to impact the integrity of the system by
executing arbitrary SQL queries.
The vulnerability is due to a lack of input validation on user-supplied input
within SQL queries. An attacker could exploit this vulnerability by sending
crafted URLs that contain malicious SQL statements to the affected system. An
exploit could allow the attacker to determine the presence of certain values
in the database.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05318 4.3/4.1
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------------------------------------------------------------
Cisco Security Notice
Cisco Unified Communications Manager Java Interface SQL Injection
Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0728
CVE ID: CVE-2014-0728
Release Date: 2014 February 11 23:03 UTC (GMT)
Last Updated: 2014 February 12 21:35 UTC (GMT)
Related Documents:
Summary
A vulnerability in the Java database interface of Cisco Unified Communications
Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to
impact the integrity of the system by executing arbitrary SQL queries.
The vulnerability is due to a failure to validate user-supplied input used in
SQL queries. An attacker could exploit this vulnerability by sending crafted
URLs that include SQL statements. An exploit could allow the attacker to
determine the presence of certain values in the database.
Affected Products
Product More Information CVSS
Cisco Unified Communications Manager CSCum05313 4.3/4.1
What Is a Cisco Security Notice?
The Cisco Product Security Incident Response Team (PSIRT) publishes Cisco
Security Notices to inform customers of low- to mid-level severity security
issues involving Cisco products.
Customers who wish to upgrade to a software version that includes fixes for
these issues should contact their normal support channels. Free software
updates will not be provided for issues that are disclosed through a Cisco
Security Notice.
For additional information about Cisco PSIRT publications, see the Cisco
Security Vulnerability Policy at
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Customers Using Third-Party Support Organizations
Customers may have Cisco products that are provided or maintained through
prior or existing agreements with third-party support organizations, such as
Cisco Partners, authorized resellers, or service providers. For these
products, customers should consult their service providers or support
organizations to ensure that any applied workaround or fix is the most
appropriate in the intended network before it is deployed.
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF
GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS
LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO
CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the
distribution URL is an uncontrolled copy, and may lack important information
or contain factual errors.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBUvxDcxLndAQH1ShLAQLxFg/+OVbcGgoVDHsmRohYW6uHfnngSrFSUHqs
m4N2sHFXGHSFXd286yk6LGTqwFvFJOjSq7i7G8VS+dr12BsPasTJ1mDloJLeS36o
qa7MqwyDgDC6OJS9pIwlOFFUz+yS6Wqwme58WxhOUHFcrsiRZ6KJRuvJQ/8PmwrO
kPJDrvxB/VTcusp88ZKgysHD6kebaibJkYpDWwSFctGpiehPBA2lsg/kbgk25lhY
vUokxhAtNeUpRJjL6BRxI9fH/abS0+2nwNF7i5KIYIB1mUji3g6Nk3wumMFJZVMM
eq9mogPuL88RI2MFWSds2gJaHFrtdP0MNT9nJ3C5e8HvBEFhdw3uk6Q1nAuPrB55
kh5dL8iJ8v3B6YzRtijkQVnYR2ujO0FJr/uPJZIBiaik73eZAfpqweJIZfITjWt4
QyWfNqXK0qAKmqr9sf2K2Lc+Z75aMsNustezRjn/s4jaB5O8bRFBMUJgAwjzfFwb
Tm2mlGAf15IP81Yt8rTbL3d5rPcodTUhiaJZpqIfdSHMaD7UgVBVLixQRGaUHLlB
rqV/nBQ1rJ4Z0NvbWc4/YqbY5Ry1AGIvHafcwLczV5h1JFI3KXv6w31+2a6zdBnS
qfxAwiBhBckf31NkmU2QQf6GZJpxoTpRJSWAGt8sempJTu6iv8sAye5qFBcrYW9q
rQICast5Reo=
=RFNk
-----END PGP SIGNATURE-----