cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5983
Views
0
Helpful
2
Replies

cvp 11.5 Java JMX RMI Accessible with Common Credentials

mkhriesa
Level 1
Level 1

Hello,

we need to solve variability on our cvp

 

CVE ID: CVE-2015-0225

THREAT:
Java JMX interface is accessible via following username/password pairs:
admin/password
admin/admin
admin/activemq
monitorRole/QED
controlRole/R%26D
controlrole/password
monitorrole/password
cassandra/cassandrapassword
monitorRole/tomcat
controlRole/tomcat
monitorRole/mrpasswd
controlRole/crpasswd
role1/role1passwd
role2/role2passwd
role3/role3passwd
admin/thisIsSupposedToBeAStrongPassword!
QID Detection Logic (Authenticated):
This QID tries to log into JMX RMI server using above credentials.
Note:if remote JMX RMI sever
accessible without authentication. all of above credentials will post.
IMPACT:
Successful exploitation allows attacker to execute arbitrary Java code.
SOLUTION:
Change the common password.

 

which password?

2 Replies 2

uzzislx04
Level 1
Level 1

I opened a TAC case on this and this was TAC's response: 

 

For CVP  we have CSCvp98656 as enhancement request to harder access to JMX.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp98656

 

And the workaround is to disable JCONSOLE access with enable secure communication.

For detail see this link. https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/customer_voice_portal/cvp11_6/configuration/guide/cvvp_b_configuration-guide-for-cisco-unified/cvvp_b_configuration-guide-for-cisco-unified_chapter_010000.pdf

 

The problem is, the guide to do this is very ambiguous and the steps are not well explained.  I have reached back out to TAC for clarity on this before I make these changes.  

 

 

Hi,

 

Did you manage to find a solution for this. I am in the same boat and cisco TAC isn’t of much help. I am stumped at the CA signed client certificates and CA signed client certs for OAMP section.