CISCO : Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.107071

Category: CISCO

Title: Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Summary: A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and;Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote;attacker to modify configuration parameters of the UMS and cause the system to become unavailable.;;The vulnerability is due to insufficient authentication for the interdevice communications interface;access. An attacker could exploit this issue by accessing the interdevice communications interface;and making changes to the UMS configuration, causing the system to become unavailable.;;Cisco has released software updates that address this vulnerability. There are no workarounds that;address this vulnerability.

Description: Summary:
A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and
Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote
attacker to modify configuration parameters of the UMS and cause the system to become unavailable.

The vulnerability is due to insufficient authentication for the interdevice communications interface
access. An attacker could exploit this issue by accessing the interdevice communications interface
and making changes to the UMS configuration, causing the system to become unavailable.

Cisco has released software updates that address this vulnerability. There are no workarounds that
address this vulnerability.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-6397
BugTraq ID: 93913
http://www.securityfocus.com/bid/93913

Copyright Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.107071
Category:	CISCO
Title:	Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability
Summary:	A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and;Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote;attacker to modify configuration parameters of the UMS and cause the system to become unavailable.;;The vulnerability is due to insufficient authentication for the interdevice communications interface;access. An attacker could exploit this issue by accessing the interdevice communications interface;and making changes to the UMS configuration, causing the system to become unavailable.;;Cisco has released software updates that address this vulnerability. There are no workarounds that;address this vulnerability.
Description:	Summary: A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. Solution: See the referenced vendor advisory for a solution. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6397 BugTraq ID: 93913 http://www.securityfocus.com/bid/93913
Copyright	Copyright (C) 2016 Greenbone AG