Security Advisory – SOS-14-001 – Cisco CUCDM IP Phone Services Multiple Vulnerabilities
Release Date: 30-Oct-2014
Last Update: –
Vendor Notification Date: 17-Jan-2014
Product: Cisco Unified Communications Domain Manager (CUCDM)
Platform: –
Affected versions: –
Severity Rating: High
Impact: Privilege escalation, security bypass, spoofing, exposure of sensitive information
Attack Vector: Remote without authentication
Solution Status: Vendor patch, vendor workaround
CVE reference: CVE-2014-3278, CVE-2014-3281, CVE-2014-3300
Details
Multiple high-risk security vulnerabilities were identified in the IP phone services of the Cisco Unified Communications Domain Manager (also known as CUCDM or VOSS Solutions Domain Manager). They are exploitable remotely without authentication and can be used to obtain unauthorised access to CUCDM services, to bypass the authorisation scheme that restricts which IP phone may use which service, and to compromise the hosted VoIP services and the infrastructure behind them.
Please refer to the PDF version of this advisory for proof of concept code examples.
Solution
All vendor security fixes must be installed. In addition, Cisco CUCDM customers must migrate from the BVSMWeb interface of the CUCDM to the Cisco Unified Communications Manager IP telephony management services, so that the vulnerable phone-services interface is no longer exposed.
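Because the phone services are reachable remotely without authentication, a practitioner will want to know whether the legacy BVSMWeb interface is still being reached from anything other than the IP phone subnets while the patches and the migration are rolled out. The script below triages web server access logs for exactly that. It is an added example, not code from the advisory, from Sense of Security or from Cisco. It assumes the interface is served under the URL prefix /bvsmweb/ and that the logs are in Apache/NCSA combined format; the sample log lines, the request paths in them and the user-agent strings are constructed placeholders, not real CUCDM paths.

```python
"""Flag requests to the CUCDM BVSMWeb phone-services interface that come
from hosts outside the IP phone subnets.

Added example, not part of the advisory or of Cisco's code.
Assumptions: the interface lives under /bvsmweb/ (adjust BVSMWEB_PREFIX),
logs are in Apache/NCSA combined format, and the phone subnets are known.
"""
import ipaddress
import re
from collections import Counter
from typing import Dict, Iterable, List, Optional

# Assumed URL prefix of the BVSMWeb phone-services interface.
BVSMWEB_PREFIX = "/bvsmweb/"

# Combined log format:
# ip - user [timestamp] "METHOD path HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Constructed sample log lines; the .cgi paths and user agents are placeholders.
SAMPLE_LOG = """\
10.10.20.15 - - [30/Oct/2014:09:12:01 +1100] "GET /bvsmweb/services.cgi?device=SEP001122334455 HTTP/1.1" 200 1532 "-" "CiscoIPPhone"
203.0.113.7 - - [30/Oct/2014:09:13:44 +1100] "GET /bvsmweb/services.cgi?device=SEP001122334455 HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [30/Oct/2014:09:13:45 +1100] "GET /bvsmweb/directory.cgi HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
192.0.2.9 - - [30/Oct/2014:09:14:02 +1100] "GET /bvsmweb/login.cgi HTTP/1.1" 401 0 "-" "curl/7.35.0"
10.10.20.16 - - [30/Oct/2014:09:15:10 +1100] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
""".splitlines()

# Constructed: the subnets the IP phones are expected to live in.
PHONE_SUBNETS = ["10.10.20.0/24"]


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one combined-format log line; return None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def suspicious_requests(lines: Iterable[str], phone_subnets: Iterable[str]) -> List[Dict[str, str]]:
    """Return successful (2xx) BVSMWeb requests whose source is not a phone subnet.

    A 2xx from outside the phone subnets means the interface answered an
    unexpected client without rejecting it, which is the condition the
    advisory's attack vector (remote, unauthenticated) relies on.
    """
    nets = [ipaddress.ip_network(n) for n in phone_subnets]
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(BVSMWEB_PREFIX):
            continue
        try:
            src = ipaddress.ip_address(rec["ip"])
        except ValueError:
            continue  # malformed source address, skip rather than crash
        if int(rec["status"]) // 100 != 2:
            continue  # rejected or errored requests are not exposure
        if any(src in net for net in nets):
            continue  # expected phone client
        findings.append({"ip": rec["ip"], "path": rec["path"], "ts": rec["ts"],
                         "ua": rec.get("ua") or "-"})
    return findings


def summarize(findings: List[Dict[str, str]]) -> Dict[str, int]:
    """Count flagged requests per source address to spot enumeration."""
    return dict(Counter(f["ip"] for f in findings))


if __name__ == "__main__":
    hits = suspicious_requests(SAMPLE_LOG, PHONE_SUBNETS)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} {h["path"]} ua={h["ua"]}')
    print(summarize(hits))
```

Run it against the real access logs of the CUCDM web server and the real phone subnets; any source that appears in the summary is either a misplaced phone or a client that should not be able to reach the phone services at all. It only tells you who reached the interface, not whether they got past the per-phone authorisation, so it is a triage aid alongside the vendor fixes, not a substitute for them.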
Discovered By
Fatih Ozavci from Sense of Security Labs.