ID de Prueba:	1.3.6.1.4.1.25623.1.0.805097
Categoría:	CISCO
Título:	Cisco Unified Communications Manager Multiple Vulnerabilities
Resumen:	Cisco Unified Communications Manager is prone to multiple vulnerabilities.
Descripción:	Summary: Cisco Unified Communications Manager is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to: - Authenticated users of CUCM can access limited functionality via the web interface and Cisco console (SSH on port 22). Because the SSH server is configured to process several environment variables from the client and a vulnerable version of bash is used, it is possible to exploit command injection via specially crafted environment variables. - The application allows users to view the contents of any locally accessible files on the web server through a vulnerability known as LFI (Local File Inclusion). - The pingExecute servlet allows unauthenticated users to execute pings to arbitrary IP addresses. This could be used by an attacker to enumerate the internal network. - Authentication for some methods in the EPAS SOAP interface can be bypassed by using a hardcoded session ID. The methods 'GetUserLoginInfoHandler' and 'GetLoggedinXMPPUserHandler' are affected. Vulnerability Impact: Successful exploitation may allow remote attackers to spawn a shell running as the user 'admin', enumerate the internal network, view the contents of any locally accessible files on the web server. Affected Software/OS: Cisco Unified Communications Manager 9.x < 9.2, 10.x < 10.5.2, 11.x < 11.0.1. Solution: Upgrade to CUCM version 9.2, 10.5.2 or 11.0.1 pr later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.