TTCSIRT-091.022318: TT-CSIRT Advisory – Cisco Security Updates

Cisco has released a security update stating that a vulnerability has been identified in the application configuration of Cisco Unified Communications Domain Manager, where an insecure key is generated during application configuration. An attacker could exploit this by using a known insecure key value to send arbitrary requests to a targeted application, bypassing security protections.

Successful exploitation of this vulnerability could result in remote code execution, security protection bypass, and privilege escalation, all within the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of this vulnerability could have less impact than if it was configured with administrative rights.

Further information on this vulnerability and how it can be mitigated can be found at https://www.cisecurity.org/advisory/a-vulnerability-in-cisco-unified-communications-domain-manager-could-allow-for-remote-code-execution_2018-021/