Sign-up

ID

VAR-200806-0202


CVE

CVE-2008-2062


TITLE

Cisco Unified Communications Manager of RIS Data Collector Authentication bypass vulnerability in services

Trust: 0.8

sources: JVNDB: JVNDB-2008-002003

DESCRIPTION

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151. The problem is Bug ID : CSCsq35151 It is a problem.Please refer to the “Overview” for the impact of this vulnerability. Attackers can exploit this issue to gain read-only access to potentially sensitive information about a CUCM cluster. Information harvested can aid in further attacks. The following versions of CUCM are affected: 4.2 prior to 4.2(3)SR4 4.3 prior to 4.3(2)SR1 5.0 prior to 5.1(3c) 6.0 prior to 6.1(2) Unified CallManager 4.1 versions are also affected. In normal operation, Real-Time Monitoring Tool (RTMT) clients collect CUCM cluster statistics by authenticating to the Simple Object Access Protocol (SOAP)-based web interface, which proxies the authenticated connection to the RIS data collector process. 1) An unspecified error in the Computer Telephony Integration (CTI) Manager service can be exploited to cause a DoS by sending a specially crafted packet to port 2748/TCP. information about performance statistics, user names, and configured IP phones. PROVIDED AND/OR DISCOVERED BY: VoIPshield CHANGELOG: 2008-06-26: Added links to VoIPshield. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml VoIPshield: http://www.voipshield.com/research-details.php?id=64 http://www.voipshield.com/research-details.php?id=65 http://www.voipshield.com/research-details.php?id=66 http://www.voipshield.com/research-details.php?id=67 http://www.voipshield.com/research-details.php?id=68 http://www.voipshield.com/research-details.php?id=69 http://www.voipshield.com/research-details.php?id=70 http://www.voipshield.com/research-details.php?id=71 http://www.voipshield.com/research-details.php?id=72 http://www.voipshield.com/research-details.php?id=73 http://www.voipshield.com/research-details.php?id=74 http://www.voipshield.com/research-details.php?id=75 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.16

sources: NVD: CVE-2008-2062 // JVNDB: JVNDB-2008-002003 // BID: 29935 // VULHUB: VHN-32187 // VULMON: CVE-2008-2062 // PACKETSTORM: 67722

AFFECTED PRODUCTS

vendor:ciscomodel:unified communications managerscope:eqversion:4.3

Trust: 1.7

vendor:ciscomodel:unified communications managerscope:eqversion:4.2

Trust: 1.4

vendor:ciscomodel:unified communications managerscope:ltversion:4.2\(3\)sr4

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:gteversion:4.3

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:ltversion:6.1\(2\)

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:gteversion:5.0

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:gteversion:6.0

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:ltversion:4.3\(2\)sr1

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:ltversion:5.1\(3c\)

Trust: 1.0

vendor:ciscomodel:unified communications managerscope:gteversion:4.2

Trust: 1.0

vendor:ciscomodel:unified communications manager 5.1scope: - version: -

Trust: 0.9

vendor:ciscomodel:unified callmanagerscope:eqversion:4.1

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:5.x

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:6.x

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:6.0

Trust: 0.6

vendor:ciscomodel:unified communications manager 6.1scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:6.1(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:6.1

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:6.0(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(3)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(2)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:4.3(2)

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.3 sr.1scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.2 sr2scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager sr3scope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:unified communications manager sr2bscope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:call manager sr2scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager sr1scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es32scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es24scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es07scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es55scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es50scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es33scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager 4.1 sr4scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:neversion:6.1(2)

Trust: 0.3

vendor:ciscomodel:unified communications manager 5.1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.3 sr1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager sr4scope:neversion:4.2

Trust: 0.3

sources: BID: 29935 // JVNDB: JVNDB-2008-002003 // CNNVD: CNNVD-200806-364 // NVD: CVE-2008-2062

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2062
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-2062
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200806-364
value: MEDIUM

Trust: 0.6

VULHUB: VHN-32187
value: MEDIUM

Trust: 0.1

VULMON: CVE-2008-2062
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-2062
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-32187
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-32187 // VULMON: CVE-2008-2062 // JVNDB: JVNDB-2008-002003 // CNNVD: CNNVD-200806-364 // NVD: CVE-2008-2062

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-32187 // JVNDB: JVNDB-2008-002003 // NVD: CVE-2008-2062

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200806-364

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-200806-364

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002003

PATCH
title:cisco-sa-20080625-cucmurl:http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml
Trust: 0.8
title:Cisco Unified Communications Manager RIS Data Collector Service bypasses the fix for authentication vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=95764
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2008-002003 // 
            
            
            
            CNNVD: CNNVD-200806-364

EXTERNAL IDS
db:NVDid:CVE-2008-2062
Trust: 2.9
db:BIDid:29935
Trust: 2.1
db:SECUNIAid:30848
Trust: 1.9
db:SECTRACKid:1020361
Trust: 1.7
db:VUPENid:ADV-2008-1933
Trust: 1.7
db:JVNDBid:JVNDB-2008-002003
Trust: 0.8
db:CNNVDid:CNNVD-200806-364
Trust: 0.6
db:VULHUBid:VHN-32187
Trust: 0.1
db:VUPENid:2008/1933
Trust: 0.1
db:VULMONid:CVE-2008-2062
Trust: 0.1
db:PACKETSTORMid:67722
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32187 // 
            
            
            
            VULMON: CVE-2008-2062 // 
            
            
            
            BID: 29935 // 
            
            
            
            JVNDB: JVNDB-2008-002003 // 
            
            
            
            PACKETSTORM: 67722 // 
            
            
            
            CNNVD: CNNVD-200806-364 // 
            
            
            
            NVD: CVE-2008-2062

REFERENCES
url:http://www.securityfocus.com/bid/29935
Trust: 1.9
url:http://www.cisco.com/en/us/products/products_security_advisory09186a00809b9011.shtml
Trust: 1.8
url:http://www.securitytracker.com/id?1020361
Trust: 1.8
url:http://secunia.com/advisories/30848
Trust: 1.8
url:http://www.vupen.com/english/advisories/2008/1933/references
Trust: 1.8
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/43355
Trust: 1.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2062
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2062
Trust: 0.8
url:http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809b9017.html
Trust: 0.3
url:http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html
Trust: 0.3
url:/archive/1/492082
Trust: 0.3
url:http://www.voipshield.com/research-details.php?id=74&s=3&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/264.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=75
Trust: 0.1
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.1
url:http://secunia.com/product/11019/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/secunia_security_specialist/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=73
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=71
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=69
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=64
Trust: 0.1
url:http://secunia.com/product/5363/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=74
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=70
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=67
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=66
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=72
Trust: 0.1
url:http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml
Trust: 0.1
url:http://secunia.com/product/14776/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/12534/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=68
Trust: 0.1
url:http://secunia.com/product/12535/
Trust: 0.1
url:http://secunia.com/advisories/30848/
Trust: 0.1
url:http://corporate.secunia.com/about_secunia/64/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=65
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32187 // 
            
            
            
            VULMON: CVE-2008-2062 // 
            
            
            
            BID: 29935 // 
            
            
            
            JVNDB: JVNDB-2008-002003 // 
            
            
            
            PACKETSTORM: 67722 // 
            
            
            
            CNNVD: CNNVD-200806-364 // 
            
            
            
            NVD: CVE-2008-2062

CREDITS
VoIPshield
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200806-364

SOURCES
db:VULHUBid:VHN-32187
db:VULMONid:CVE-2008-2062
db:BIDid:29935
db:JVNDBid:JVNDB-2008-002003
db:PACKETSTORMid:67722
db:CNNVDid:CNNVD-200806-364
db:NVDid:CVE-2008-2062

LAST UPDATE DATE
2024-11-23T21:56:52.314000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-32187date:2019-07-31T00:00:00
db:VULMONid:CVE-2008-2062date:2019-07-31T00:00:00
db:BIDid:29935date:2008-06-26T18:00:00
db:JVNDBid:JVNDB-2008-002003date:2008-12-19T00:00:00
db:CNNVDid:CNNVD-200806-364date:2019-08-01T00:00:00
db:NVDid:CVE-2008-2062date:2024-11-21T00:45:59.707

SOURCES RELEASE DATE
db:VULHUBid:VHN-32187date:2008-06-26T00:00:00
db:VULMONid:CVE-2008-2062date:2008-06-26T00:00:00
db:BIDid:29935date:2008-06-25T00:00:00
db:JVNDBid:JVNDB-2008-002003date:2008-12-19T00:00:00
db:PACKETSTORMid:67722date:2008-06-27T15:59:22
db:CNNVDid:CNNVD-200806-364date:2008-06-26T00:00:00
db:NVDid:CVE-2008-2062date:2008-06-26T17:41:00