The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
{"seebug": [{"lastseen": "2017-11-19T21:37:32", "description": "BUGTRAQ ID: 29935\r\nCVE(CAN) ID: CVE-2008-2062,CVE-2008-2730\r\n\r\nCisco Unified Communications Manager (CUCM, formerly known as CallManager) is the call processing component of the Cisco IP telephony solution.\r\n\r\nThe Real-Time Information Server (RIS) Data Collector service of CUCM contains an authentication bypass vulnerability that may lead to the unauthorized disclosure of certain CUCM cluster information.\r\n\r\nIn normal operation, Real-Time Monitoring Tool (RTMT) clients gather CUCM cluster statistics by authenticating to a web-based Simple Object Access Protocol (SOAP) interface, and the SOAP interface proxies the authenticated connections to the RIS Data Collector process. The RIS Data Collector service listens on TCP port 2556 by default; the port is user-configurable. By connecting directly to the port on which the RIS Data Collector process listens, the authentication checks can be bypassed to obtain read-only access to CUCM cluster information. The information that can be obtained includes performance statistics, user names and configured IP phones, and it may be used to mount further attacks.\r\n\r\nCisco Unified CallManager 4.1\r\nCisco Unified Communications Manager 6.x\r\nCisco Unified Communications Manager 5.x\r\nCisco Unified Communications Manager 4.3\r\nCisco Unified Communications Manager 4.2\r\n\r\nTemporary workaround:\r\n\r\n* 
Permit access to TCP port 2556 only from other CUCM cluster systems.\r\n\r\nVendor patch:\r\n\r\nCisco\r\n-----\r\nCisco has released a security advisory (cisco-sa-20080625-cucm) and corresponding patches for this issue:\r\ncisco-sa-20080625-cucm: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities\r\nLink: http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml\r\n\r\nPatch download:\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280264388&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20CallManager%20Version%204.2&isPlatform=N&treeMdfId=278875240&modifmdid=null&imname=null&hybrid=Y&imst=N\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280771554&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%204.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N\r\n
http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=null&isPlatform=Y&mdfid=280735907&sftType=Unified%20Communications%20Manager%20Updates&treeName=Voice%20and%20Unified%20Communications&modelName=Cisco%20Unified%20Communications%20Manager%20Version%205.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=281023410&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%206.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N", "published": "2008-06-28T00:00:00", "type": "seebug", "title": "Cisco Unified 
Communications Manager RIS Data Collector Service Authentication Bypass Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-2062", "CVE-2008-2730"], "modified": "2008-06-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-3484", "id": "SSV:3484", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "securityvulns": [{"lastseen": "2021-06-08T18:50:47", "bulletinFamily": "software", "cvelist": ["CVE-2008-2730", "CVE-2008-2062", "CVE-2008-2061"], "description": "Computer Telephony Integration Manager DoS (TCP/2748) The Real-Time Information Server SOAP interface (TCP/2556) unauthorized access.", "edition": 2, "modified": "2008-06-25T00:00:00", "published": "2008-06-25T00:00:00", "id": "SECURITYVULNS:VULN:9110", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9110", "title": "Cisco Unified Communications Manager multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:26", "bulletinFamily": "software", "cvelist": ["CVE-2008-2730", "CVE-2008-2062", "CVE-2008-2061"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nCisco Security Advisory: Cisco Unified Communications Manager Denial\r\n of Service and Authentication Bypass\r\n Vulnerabilities\r\n\r\nAdvisory ID: cisco-sa-20080625-cucm\r\n\r\nRevision 1.0\r\n\r\nFor Public Release 2008 June 25 1600 UTC (GMT)\r\n\r\n+---------------------------------------------------------------------\r\n\r\nSummary\r\n=======\r\n\r\nCisco Unified Communications Manager (CUCM), formerly Cisco\r\nCallManager, contains a denial of service (DoS) vulnerability in the\r\nComputer Telephony Integration (CTI) Manager service that may cause\r\nan interruption in voice services and an authentication bypass\r\nvulnerability in the Real-Time Information Server (RIS) 
Data\r\nCollector that may expose information that is useful for\r\nreconnaissance.\r\n\r\nCisco has released free software updates that address these\r\nvulnerabilities. There are no workarounds for these vulnerabilities.\r\n\r\nThis advisory is posted at\r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml.\r\n\r\nAffected Products\r\n=================\r\n\r\nVulnerable Products\r\n+------------------\r\n\r\nThe following products are vulnerable:\r\n\r\n * Cisco Unified CallManager 4.1 versions\r\n * Cisco Unified Communications Manager 4.2 versions prior to 4.2(3)SR4\r\n * Cisco Unified Communications Manager 4.3 versions prior to 4.3(2)SR1\r\n * Cisco Unified Communications Manager 5.x versions prior to 5.1(3c)\r\n * Cisco Unified Communications Manager 6.x versions prior to 6.1(2)\r\n\r\nAdministrators of systems running Cisco Unified Communications\r\nManager (CUCM) version 4.x can determine the software version by\r\nnavigating to Help > About Cisco Unified CallManager and selecting\r\nthe Details button via the CUCM administration interface.\r\n\r\nAdministrators of systems that are running CUCM versions 5.x and 6.x\r\ncan determine the software version by viewing the main page of the\r\nCUCM administration interface. The software version can also be\r\ndetermined by running the command show version active via the command\r\nline interface (CLI).\r\n\r\nProducts Confirmed Not Vulnerable\r\n+--------------------------------\r\n\r\nCisco Unified Communications Manager Express is not affected by these\r\nvulnerabilities. 
No other Cisco products are currently known to be\r\naffected by these vulnerabilities.\r\n\r\nDetails\r\n=======\r\n\r\nCisco Unified Communications Manager (CUCM) is the call processing\r\ncomponent of the Cisco IP Telephony solution that extends enterprise\r\ntelephony features and functions to packet telephony network devices,\r\nsuch as IP phones, media processing devices, VoIP gateways, and\r\nmultimedia applications.\r\n\r\nComputer Telephony Integration Manager Related Vulnerability\r\n\r\nThe Computer Telephony Integration (CTI) Manager service of CUCM\r\nversions 5.x and 6.x contains a vulnerability when handling malformed\r\ninput that may result in a DoS condition. The CTI Manager service\r\nlistens by default on TCP port 2748 and is not user-configurable.\r\nThere is no workaround for this vulnerability. This vulnerability is\r\nfixed in CUCM versions 5.1(3c) and 6.1(2). This vulnerability is\r\ndocumented in Cisco Bug ID CSCso75027 and has been assigned Common\r\nVulnerabilities and Exposures (CVE) identifier CVE-2008-2061.\r\n\r\nReal-Time Information Server Data Collector Related Vulnerability\r\n\r\nThe Real-Time Information Server (RIS) Data Collector service of CUCM\r\nversions 4.x, 5.x, and 6.x contains an authentication bypass\r\nvulnerability that may result in the unauthorized disclosure of\r\ncertain CUCM cluster information. In normal operation, Real-Time\r\nMonitoring Tool (RTMT) clients gather CUCM cluster statistics by\r\nauthenticating to a Simple Object Access Protocol (SOAP) based web\r\ninterface. The SOAP interface proxies authenticated connections to\r\nthe RIS Data Collector process. The RIS Data Collector service\r\nlistens on TCP port 2556 by default and is user configurable. By\r\nconnecting directly to the port that the RIS Data Collector process\r\nlistens on, it may be possible to bypass authentication checks and\r\ngain read-only access to information about a CUCM cluster. 
The\r\ninformation available includes performance statistics, user names,\r\nand configured IP phones. This information may be used to mount\r\nfurther attacks. No passwords or other sensitive CUCM configuration\r\nmay be obtained via this vulnerability. No CUCM configuration changes\r\ncan be made.\r\n\r\nThere is no workaround for this vulnerability. This vulnerability is\r\nfixed in CUCM versions 4.2(3)SR4, 4.3(2)SR1, 5.1(3), and 6.1(1). For\r\nCUCM 4.x versions, this vulnerability is documented in Cisco Bug ID\r\nCSCsq35151 and has been assigned CVE identifier CVE-2008-2062. For\r\nCUCM 5.x and 6.x versions, this vulnerability is documented in Cisco\r\nBug ID CSCsj90843 and has been assigned CVE identifier CVE-2008-2730.\r\n\r\nVulnerability Scoring Details\r\n=============================\r\n\r\nCisco has provided scores for the vulnerabilities in this advisory\r\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\r\nscoring in this Security Advisory is done in accordance with CVSS\r\nversion 2.0.\r\n\r\nCVSS is a standards-based scoring method that conveys vulnerability\r\nseverity and helps determine urgency and priority of response.\r\n\r\nCisco has provided a base and temporal score. 
Customers can then\r\ncompute environmental scores to assist in determining the impact of\r\nthe vulnerability in individual networks.\r\n\r\nCisco has provided an FAQ to answer additional questions regarding\r\nCVSS at:\r\n\r\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\r\n\r\nCisco has also provided a CVSS calculator to help compute the\r\nenvironmental impact for individual networks at:\r\n\r\nhttp://intellishield.cisco.com/security/alertmanager/cvss\r\n\r\n\r\nCSCso75027 - CTI Manager TSP Crash\r\n\r\nCVSS Base Score - 7.8\r\n Access Vector - Network\r\n Access Complexity - Low\r\n Authentication - None\r\n Confidentiality Impact - None\r\n Integrity Impact - None\r\n Availability Impact - Complete\r\n\r\nCVSS Temporal Score - 6.4\r\n Exploitability - Functional\r\n Remediation Level - Official Fix\r\n Report Confidence - Confirmed\r\n \r\nCSCsq35151 - RISDC Authentication Bypass\r\n\r\nCVSS Base Score - 5\r\n Access Vector - Network\r\n Access Complexity - Low\r\n Authentication - None\r\n Confidentiality Impact - Partial\r\n Integrity Impact - None\r\n Availability Impact - None\r\n\r\nCVSS Temporal Score - 4.1\r\n Exploitability - Functional\r\n Remediation Level - Official Fix\r\n Report Confidence - Confirmed\r\n\r\nCSCsj90843 - RISDC Authentication Bypass\r\n\r\nCVSS Base Score - 5\r\n Access Vector - Network\r\n Access Complexity - Low\r\n Authentication - None\r\n Confidentiality Impact - Partial\r\n Integrity Impact - None\r\n Availability Impact - None\r\n\r\nCVSS Temporal Score - 4.1\r\n Exploitability - Functional\r\n Remediation Level - Official Fix\r\n Report Confidence - Confirmed\r\n\r\nImpact\r\n======\r\n\r\nSuccessful exploitation of the vulnerabilities in this advisory may\r\nresult in the interruption of voice services or disclosure of\r\ninformation useful for reconnaissance.\r\n\r\nSoftware Versions and Fixes\r\n===========================\r\n\r\nWhen considering software upgrades, also consult 
http://www.cisco.com/go/psirt\r\nand any subsequent advisories to determine exposure and a\r\ncomplete upgrade solution.\r\n\r\nIn all cases, customers should exercise caution to be certain the\r\ndevices to be upgraded contain sufficient memory and that current\r\nhardware and software configurations will continue to be supported\r\nproperly by the new release. If the information is not clear, contact\r\nthe Cisco Technical Assistance Center (TAC) or your contracted\r\nmaintenance provider for assistance.\r\n\r\nCisco Unified Communications Manager (CUCM) version 4.2(3)SR4\r\ncontains fixes for all vulnerabilities affecting CUCM version 4.2\r\nlisted in this advisory. Cisco Unified CallManager 4.1 version\r\nadministrators are encouraged to upgrade to CUCM version 4.2(3)SR4 in\r\norder to obtain fixed software. Version 4.2(3)SR4 can be downloaded\r\nat the following link:\r\n\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280264388&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20CallManager%20Version%204.2&isPlatform=N&treeMdfId=278875240&modifmdid=null&imname=null&hybrid=Y&imst=N\r\n\r\nCUCM version 4.3(2)SR1 contains fixes for all vulnerabilities\r\naffecting CUCM version 4.3 listed in this advisory and is scheduled\r\nto be released in mid-July, 2008. Version 4.3(2)SR1 will be available\r\nfor download at the following link:\r\n\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=280771554&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%204.3&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N\r\n\r\nCUCM version 5.1(3c) contains fixes for all vulnerabilities affecting\r\nCUCM version 5.x listed in this advisory. 
Version 5.1(3c) can be\r\ndownloaded at the following link:\r\n\r\nhttp://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=null&isPlatform=Y&mdfid=280735907&sftType=Unified%20Communications%20Manager%20Updates&treeName=Voice%20and%20Unified%20Communications&modelName=Cisco%20Unified%20Communications%20Manager%20Version%205.1&mdfLevel=Software%20Version/Option&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N\r\n\r\nCUCM version 6.1(2) contains fixes for all vulnerabilities affecting\r\nCUCM version 6.x listed in this advisory. Version 6.1(2) can be\r\ndownloaded at the following link:\r\n\r\nhttp://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified%20Communications%20Manager%20Updates&mdfid=281023410&treeName=Voice%20and%20Unified%20Communications&mdfLevel=Software%20Version/Option&url=null&modelName=Cisco%20Unified%20Communications%20Manager%20Version%206.1&isPlatform=N&treeMdfId=278875240&modifmdfid=null&imname=null&hybrid=Y&imst=N\r\n\r\nWorkarounds\r\n===========\r\n\r\nCTI Manager Related Vulnerability\r\n\r\nIt is possible to mitigate the CTI Manager vulnerability (CSCso75027)\r\nby implementing filtering on screening devices. Administrators are\r\nadvised to permit access to TCP port 2748 only from networks that\r\ncontain systems running CTI-enabled applications.\r\n\r\nRIS Data Collector Related Vulnerability\r\n\r\nIt is possible to mitigate the RIS Data Collector vulnerability\r\n(CSCsq35151 and CSCsj90843) by implementing filtering on screening\r\ndevices. Administrators are advised to permit access to TCP port 2556\r\nonly from other CUCM cluster systems.\r\n\r\nIt is possible to change the default port (TCP 2556) of the RIS Data\r\nCollector service. If changed, filtering should be based on the\r\nvalues used. 
The values of the ports can be viewed in the Cisco\r\nUnified Communications Manager (CUCM) administration interface by\r\nfollowing the System > Service Parameters menu and selecting the\r\nappropriate service.\r\n\r\nAdditional mitigation techniques that can be deployed on Cisco\r\ndevices within the network are available in the Cisco Applied\r\nMitigation Bulletin companion document for this advisory:\r\n\r\nhttp://www.cisco.com/warp/public/707/cisco-amb-20080625-cucm.shtml\r\n\r\nObtaining Fixed Software\r\n========================\r\n\r\nCisco has released free software updates that address these\r\nvulnerabilities. Prior to deploying software, customers should\r\nconsult their maintenance provider or check the software for feature\r\nset compatibility and known issues specific to their environment.\r\n\r\nCustomers may only install and expect support for the feature sets\r\nthey have purchased. By installing, downloading, accessing or\r\notherwise using such software upgrades, customers agree to be bound\r\nby the terms of Cisco's software license terms found at\r\nhttp://www.cisco.com/en/US/products/prod_warranties_item09186a008088e31f.html,\r\nor as otherwise set forth at Cisco.com Downloads at\r\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml.\r\n\r\nDo not contact psirt@cisco.com or security-alert@cisco.com for\r\nsoftware upgrades.\r\n\r\nCustomers with Service Contracts\r\n+-------------------------------\r\n\r\nCustomers with contracts should obtain upgraded software through\r\ntheir regular update channels. 
For most customers, this means that\r\nupgrades should be obtained through the Software Center on Cisco's\r\nworldwide website at http://www.cisco.com.\r\n\r\nCustomers using Third Party Support Organizations\r\n+------------------------------------------------\r\n\r\nCustomers whose Cisco products are provided or maintained through\r\nprior or existing agreements with third-party support organizations,\r\nsuch as Cisco Partners, authorized resellers, or service providers\r\nshould contact that support organization for guidance and assistance\r\nwith the appropriate course of action in regards to this advisory.\r\n\r\nThe effectiveness of any workaround or fix is dependent on specific\r\ncustomer situations, such as product mix, network topology, traffic\r\nbehavior, and organizational mission. Due to the variety of affected\r\nproducts and releases, customers should consult with their service\r\nprovider or support organization to ensure any applied workaround or\r\nfix is the most appropriate for use in the intended network before it\r\nis deployed.\r\n\r\nCustomers without Service Contracts\r\n+----------------------------------\r\n\r\nCustomers who purchase direct from Cisco but do not hold a Cisco\r\nservice contract, and customers who purchase through third-party\r\nvendors but are unsuccessful in obtaining fixed software through\r\ntheir point of sale should acquire upgrades by contacting the Cisco\r\nTechnical Assistance Center (TAC). TAC contacts are as follows.\r\n\r\n * +1 800 553 2447 (toll free from within North America)\r\n * +1 408 526 7209 (toll call from anywhere in the world)\r\n * e-mail: tac@cisco.com\r\n\r\nCustomers should have their product serial number available and be\r\nprepared to give the URL of this notice as evidence of entitlement to\r\na free upgrade. 
Free upgrades for non-contract customers must be\r\nrequested through the TAC.\r\n\r\nRefer to http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml\r\nfor additional TAC contact information, including localized telephone\r\nnumbers, and instructions and e-mail addresses for use in various\r\nlanguages.\r\n\r\nExploitation and Public Announcements\r\n=====================================\r\n\r\nThe Cisco PSIRT is not aware of any public announcements or malicious\r\nuse of the vulnerability described in this advisory.\r\n\r\nCisco PSIRT greatly appreciates the opportunity to work with\r\nresearchers on security vulnerabilities and welcomes the opportunity\r\nto review and assist in product reports. We would like to thank\r\nVoIPshield for working with us towards the goal of keeping Cisco\r\nnetworks and the Internet, as a whole, secure.\r\n\r\nStatus of this Notice: FINAL\r\n\r\nTHIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY\r\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\r\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\r\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\r\nAT YOUR OWN RISK. 
CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\r\nDOCUMENT AT ANY TIME.\r\n\r\nA stand-alone copy or Paraphrase of the text of this document that\r\nomits the distribution URL in the following section is an\r\nuncontrolled copy, and may lack important information or contain\r\nfactual errors.\r\n\r\nDistribution\r\n============\r\n\r\nThis advisory is posted on Cisco's worldwide website at :\r\n\r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml\r\n\r\nIn addition to worldwide web posting, a text version of this notice\r\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\r\nfollowing e-mail and Usenet news recipients.\r\n\r\n * cust-security-announce@cisco.com\r\n * first-teams@first.org\r\n * bugtraq@securityfocus.com\r\n * vulnwatch@vulnwatch.org\r\n * cisco@spot.colorado.edu\r\n * cisco-nsp@puck.nether.net\r\n * full-disclosure@lists.grok.org.uk\r\n * comp.dcom.sys.cisco@newsgate.cisco.com\r\n\r\nFuture updates of this advisory, if any, will be placed on Cisco's\r\nworldwide website, but may or may not be actively announced on\r\nmailing lists or newsgroups. Users concerned about this problem are\r\nencouraged to check the above URL for any updates.\r\n\r\nRevision History\r\n================\r\n\r\n+---------------------------------------+\r\n| Revision | | Initial |\r\n| 1.0 | 2008-June-25 | public |\r\n| | | release |\r\n+---------------------------------------+\r\n\r\nCisco Security Procedures\r\n=========================\r\n\r\nComplete information on reporting security vulnerabilities in Cisco\r\nproducts, obtaining assistance with security incidents, and\r\nregistering to receive security information from Cisco, is available\r\non Cisco's worldwide website at http://www.cisco.com/en/US/products/\r\nproducts_security_vulnerability_policy.html. 
This includes\r\ninstructions for press inquiries regarding Cisco security notices.\r\nAll Cisco security advisories are available at http://www.cisco.com/\r\ngo/psirt.\r\n-----BEGIN PGP SIGNATURE-----\r\n\r\niD8DBQFIYmPu86n/Gc8U/uARAnjvAJ9P4Ph/Lcj8OcF1ptXKm75OHJeNuQCfdcS2\r\nN0WGH2mNx0asIo4pzmCb4VE=\r\n=/vU7\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2008-06-25T00:00:00", "published": "2008-06-25T00:00:00", "id": "SECURITYVULNS:DOC:20078", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20078", "title": "Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cisco": [{"lastseen": "2022-06-05T10:06:40", "description": "", "cvss3": {}, "published": "2008-06-25T16:00:00", "type": "cisco", "title": "Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2061", "CVE-2008-2062", "CVE-2008-2730"], "modified": "2008-06-25T16:00:00", "id": "CISCO-SA-20080625-CUCM", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080625-cucm", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}