Security Issues Addressed for Cisco Unified Communications Manager

Cisco has announced that certain versions of Cisco Unified Communications Manager (Cisco Unified CM) are vulnerable to remote hacker attacks such as

• Blind Structured Query Language (SQL) injection
• Command injection
• Privilege escalation

Temporary Fix

Cisco explains how they found out about the problem through independent researchers:

On June 6, 2013, a French security firm, Lexfo, delivered a public presentation on VoIP security that included a demonstration of multiple vulnerabilities used to compromise Cisco Unified CM. During the presentation, the researchers demonstrated a multistaged attack that chained a number of vulnerabilities, which resulted in a complete compromise of the Cisco Unified CM server. 

A Cisco Options Package (COP) file has been released as a temporary fix to shore up the weaknesses and can be found on the Cisco download page. Look for the file named:

• cmterm-CSCuh01051-2.cop.sgn

Vulnerable Products

These versions of Cisco Unified CM are known to be vulnerable:

• Cisco Unified Communications Manager 7.1(x)
• Cisco Unified Communications Manager 8.5(x)
• Cisco Unified Communications Manager 8.6(x)
• Cisco Unified Communications Manager 9.0(x)
• Cisco Unified Communications Manager 9.1(x)

These additional Cisco products might be vulnerable to the same products but, they haven’t been confirmed yet:

• Cisco Emergency Responder
• Cisco Unified Contact Center Express
• Cisco Unified Customer Voice Portal
• Cisco Unified Presence Server/Cisco IM and Presence Service
• Cisco Unity Connection

Lucian Constantin at PCWorld is also reporting that Cisco has warned users of denial-of-service (DoS) attacks could affect these products:

• Cisco ASA 5500-X Series Adaptive Security Appliances
• Cisco IPS 4500 Series Sensors
• Cisco IPS 4300 Series Sensors

Via Cisco and PCWorld