Cisco CallManager / Unified Communications Manager privilege escalation
Published: 12.03.2009
Source:
SecurityVulns ID: 9739
Type: remote
Threat Level: 6/10
Description: During the authentication step of the IP phone address book synchronization, the credentials of a privileged (full-access) directory account are sent to the client, so anyone who can observe or drive that exchange obtains credentials that are not limited to the synchronization task.
Affected:
 CISCO : Unified CallManager 4.1
 CISCO : Unified Communications Manager 4.2
 CISCO : Unified Communications Manager 4.3
 CISCO : Unified Communications Manager 5.1
 CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.0
CVE: CVE-2009-0632 (The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.)
Original document: CISCO, Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability (12.03.2009)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod