CSCwe89928 - Cisco Unified Communications Manager SQL Injection

maxmeisel
Level 4

In the Symptoms section of the vulnerability, it is only mentioned that the web-based management interface of CUCM allows an attack by an authenticated attacker.

This information doesn't clarify or further specify whether all web-based management interfaces are affected or only parts of it, as different users are only able to authenticate to specific parts of the web-based management:

https://CUCM:8443/ucmuser/
https://CUCM:8443/ccmservice
https://CUCM:8443/ccmadmin
https://CUCM:8443/cucreports
https://CUCM:8443/cmplatform
https://CUCM:8443/drf

The attack vector would be much bigger if the SQL injection is feasible via ucmuser (if enabled), because basically all users on the system are able to authenticate there.

Does anyone have more details on this to share?

Edit: added sources.

Sources:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-injection-g6MbwH2

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe89928
