Cisco CallManager/Unified Communications Manager Logon Page XSS and SQL Injection
Thursday, 30 August 2007
Summary
Cisco CallManager and Unified Communications Manager are vulnerable to Cross-Site Scripting (XSS) and SQL Injection attacks through the lang variable of the admin and user logon pages. A successful XSS attack may allow an attacker to run JavaScript in the browsers of users who connect to CallManager or Unified Communications Manager servers, and a successful SQL Injection attack has the potential to disclose information held in the database.
Cisco has made free software available to address these vulnerabilities for affected customers.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20070829-ccm.shtml.
Vulnerable Products
Cisco CallManager and Unified Communications Manager versions prior to the following are affected by these vulnerabilities:
- 3.3(5)sr2b
- 4.1(3)sr5
- 4.2(3)sr2
- 4.3(1)sr1
The software version of a CallManager or Unified Communications Manager system can be determined by navigating to Show > Software via the administration interface.
For Unified Communications Manager version 5.0, the software version can also be determined by running the command show version active in the Command Line Interface (CLI).
For CallManager and Unified Communications Manager version 3.x and 4.x systems, the software version can be determined by navigating to Help > About Cisco Unified CallManager and selecting the Details button via the administration interface.
Note: Cisco Unified CallManager versions 4.3, 5.1 and 6.0 have been renamed to Cisco Unified Communications Manager. Software versions 3.3, 4.0, 4.1, 4.2 and 5.0 retain the Cisco Unified CallManager name.
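To make the "versions prior to the following" rule above mechanical, here is an added example (not part of the Cisco advisory) that parses CallManager version strings in the advisory's own notation, major.minor(maintenance)srN with an optional trailing letter, and compares a reported version against the fixed release for its train. Assumptions, labelled in the code: a version with no sr part sorts before sr1, and 3.3(5)sr2 sorts before 3.3(5)sr2b; release trains that have no fixed version listed are treated as not affected, which is what the advisory states.

```python
import re
from typing import Optional, Tuple

# Fixed releases named in the advisory; versions earlier than these within
# the same release train (major.minor) are affected.
FIXED_RELEASES = ("3.3(5)sr2b", "4.1(3)sr5", "4.2(3)sr2", "4.3(1)sr1")

# major.minor(maintenance)[srN[letter]], e.g. 4.1(3)sr5 or 3.3(5)sr2b
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\)(?:sr(\d+)([a-z])?)?$", re.IGNORECASE)

VersionKey = Tuple[int, int, int, int, int]


def parse_version(text: str) -> VersionKey:
    """Turn '4.1(3)sr4b' into the comparable tuple (4, 1, 3, 4, 2).

    Ordering assumption (inferred from the notation, not stated by the
    advisory): no 'sr' part sorts as sr0, and a trailing letter sorts
    after the bare number (sr2 < sr2b < sr2c).
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised CallManager version string: {text!r}")
    major, minor, maint, sr, suffix = m.groups()
    sr_num = int(sr) if sr else 0
    suffix_num = (ord(suffix.lower()) - ord("a") + 1) if suffix else 0
    return (int(major), int(minor), int(maint), sr_num, suffix_num)


def fixed_release_for(train: Tuple[int, int]) -> Optional[VersionKey]:
    """Return the fixed release for a (major, minor) train, or None if the
    advisory lists no fix for that train."""
    for fixed in FIXED_RELEASES:
        key = parse_version(fixed)
        if key[:2] == train:
            return key
    return None


def is_affected(version: str) -> bool:
    """True if the reported version is earlier than the fixed release of
    its train. Trains with no listed fix (e.g. 5.0, 5.1, 6.0) return False,
    following the advisory's statement that no other versions are vulnerable."""
    key = parse_version(version)
    fixed = fixed_release_for(key[:2])
    if fixed is None:
        return False
    return key < fixed


if __name__ == "__main__":
    # Constructed sample inputs, as they might be read from Help > About
    # or from 'show version active'.
    for v in ("4.1(3)sr4", "4.1(3)sr5", "3.3(5)sr2", "3.3(5)sr2b", "4.2(3)", "5.0(4)"):
        print(f"{v:12} affected={is_affected(v)}")
```

Feed it the version string exactly as shown by the administration interface or the CLI; anything that does not match the expected notation raises ValueError rather than being silently classified.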
Products confirmed not vulnerable
No other Cisco products are known to be affected by these vulnerabilities.
No other versions of CallManager or Unified Communications Manager are vulnerable.
For more details about the vulnerabilities, read the original advisory at:
http://www.cisco.com/warp/public/707/cisco-sa-20070829-ccm.shtml.