Sign-up

ID

VAR-200806-0343


CVE

CVE-2008-2730


TITLE

Cisco Unified Communications Manager of RIS Data Collector Authentication bypass vulnerability in services

Trust: 0.8

sources: JVNDB: JVNDB-2008-002004

DESCRIPTION

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. The problem is Bug ID : CSCsj90843 It is a problem.Please refer to the “Overview” for the impact of this vulnerability. Attackers can exploit this issue to gain read-only access to potentially sensitive information about a CUCM cluster. Information harvested can aid in further attacks. The following versions of CUCM are affected: 4.2 prior to 4.2(3)SR4 4.3 prior to 4.3(2)SR1 5.0 prior to 5.1(3c) 6.0 prior to 6.1(2) Unified CallManager 4.1 versions are also affected. In normal operation, Real-Time Monitoring Tool (RTMT) clients collect CUCM cluster statistics by authenticating to the Simple Object Access Protocol (SOAP)-based web interface, which proxies the authenticated connection to the RIS data collector process. 1) An unspecified error in the Computer Telephony Integration (CTI) Manager service can be exploited to cause a DoS by sending a specially crafted packet to port 2748/TCP. information about performance statistics, user names, and configured IP phones. PROVIDED AND/OR DISCOVERED BY: VoIPshield CHANGELOG: 2008-06-26: Added links to VoIPshield. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml VoIPshield: http://www.voipshield.com/research-details.php?id=64 http://www.voipshield.com/research-details.php?id=65 http://www.voipshield.com/research-details.php?id=66 http://www.voipshield.com/research-details.php?id=67 http://www.voipshield.com/research-details.php?id=68 http://www.voipshield.com/research-details.php?id=69 http://www.voipshield.com/research-details.php?id=70 http://www.voipshield.com/research-details.php?id=71 http://www.voipshield.com/research-details.php?id=72 http://www.voipshield.com/research-details.php?id=73 http://www.voipshield.com/research-details.php?id=74 http://www.voipshield.com/research-details.php?id=75 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2008-2730 // JVNDB: JVNDB-2008-002004 // BID: 29935 // VULHUB: VHN-32855 // PACKETSTORM: 67722

AFFECTED PRODUCTS

vendor:ciscomodel:unified communications managerscope:eqversion:6.1

Trust: 1.9

vendor:ciscomodel:unified communications managerscope:eqversion:5.1

Trust: 1.6

vendor:ciscomodel:unified communications managerscope:eqversion:4.3

Trust: 1.1

vendor:ciscomodel:unified communications manager 5.1scope: - version: -

Trust: 0.9

vendor:ciscomodel:unified callmanagerscope:eqversion:4.1

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:4.2

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:5.x

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:6.x

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:6.0

Trust: 0.6

vendor:ciscomodel:unified communications manager 6.1scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:6.1(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:6.0(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(3)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(2)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:5.1(1)

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:4.3(2)

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.3 sr.1scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.2 sr2scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager sr3scope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:unified communications manager sr2bscope:eqversion:4.2

Trust: 0.3

vendor:ciscomodel:call manager sr2scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager sr1scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es32scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es24scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es07scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es55scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es50scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager es33scope:eqversion:4.1

Trust: 0.3

vendor:ciscomodel:call manager 4.1 sr4scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:neversion:6.1(2)

Trust: 0.3

vendor:ciscomodel:unified communications manager 5.1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager 4.3 sr1scope:neversion: -

Trust: 0.3

vendor:ciscomodel:unified communications manager sr4scope:neversion:4.2

Trust: 0.3

sources: BID: 29935 // JVNDB: JVNDB-2008-002004 // CNNVD: CNNVD-200806-365 // NVD: CVE-2008-2730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-2730
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-2730
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200806-365
value: MEDIUM

Trust: 0.6

VULHUB: VHN-32855
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2008-2730
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-32855
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-32855 // JVNDB: JVNDB-2008-002004 // CNNVD: CNNVD-200806-365 // NVD: CVE-2008-2730

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-32855 // JVNDB: JVNDB-2008-002004 // NVD: CVE-2008-2730

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200806-365

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-200806-365

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2008-002004

PATCH
title:cisco-sa-20080625-cucmurl:http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2008-002004

EXTERNAL IDS
db:NVDid:CVE-2008-2730
Trust: 2.8
db:BIDid:29935
Trust: 2.0
db:SECUNIAid:30848
Trust: 1.8
db:SECTRACKid:1020361
Trust: 1.7
db:VUPENid:ADV-2008-1933
Trust: 1.7
db:JVNDBid:JVNDB-2008-002004
Trust: 0.8
db:CISCOid:20080625 CISCO UNIFIED COMMUNICATIONS MANAGER DENIAL OF SERVICE AND AUTHENTICATION BYPASS VULNERABILITIES
Trust: 0.6
db:XFid:43355
Trust: 0.6
db:CNNVDid:CNNVD-200806-365
Trust: 0.6
db:VULHUBid:VHN-32855
Trust: 0.1
db:PACKETSTORMid:67722
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32855 // 
            
            
            
            BID: 29935 // 
            
            
            
            JVNDB: JVNDB-2008-002004 // 
            
            
            
            PACKETSTORM: 67722 // 
            
            
            
            CNNVD: CNNVD-200806-365 // 
            
            
            
            NVD: CVE-2008-2730

REFERENCES
url:http://www.securityfocus.com/bid/29935
Trust: 1.7
url:http://www.cisco.com/en/us/products/products_security_advisory09186a00809b9011.shtml
Trust: 1.7
url:http://www.securitytracker.com/id?1020361
Trust: 1.7
url:http://secunia.com/advisories/30848
Trust: 1.7
url:http://www.vupen.com/english/advisories/2008/1933/references
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/43355
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2730
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2730
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/43355
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2008/1933/references
Trust: 0.6
url:http://www.cisco.com/en/us/products/products_applied_mitigation_bulletin09186a00809b9017.html
Trust: 0.3
url:http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html
Trust: 0.3
url:/archive/1/492082
Trust: 0.3
url:http://www.voipshield.com/research-details.php?id=74&s=3&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=desc
Trust: 0.3
url:http://www.voipshield.com/research-details.php?id=75
Trust: 0.1
url:http://secunia.com/hardcore_disassembler_and_reverse_engineer/
Trust: 0.1
url:http://secunia.com/product/11019/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/secunia_security_specialist/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=73
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=71
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=69
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=64
Trust: 0.1
url:http://secunia.com/product/5363/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=74
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=70
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=67
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=66
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=72
Trust: 0.1
url:http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml
Trust: 0.1
url:http://secunia.com/product/14776/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/12534/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=68
Trust: 0.1
url:http://secunia.com/product/12535/
Trust: 0.1
url:http://secunia.com/advisories/30848/
Trust: 0.1
url:http://corporate.secunia.com/about_secunia/64/
Trust: 0.1
url:http://www.voipshield.com/research-details.php?id=65
Trust: 0.1
sources:
            
            
            VULHUB: VHN-32855 // 
            
            
            
            BID: 29935 // 
            
            
            
            JVNDB: JVNDB-2008-002004 // 
            
            
            
            PACKETSTORM: 67722 // 
            
            
            
            CNNVD: CNNVD-200806-365 // 
            
            
            
            NVD: CVE-2008-2730

CREDITS
VoIPshield
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200806-365

SOURCES
db:VULHUBid:VHN-32855
db:BIDid:29935
db:JVNDBid:JVNDB-2008-002004
db:PACKETSTORMid:67722
db:CNNVDid:CNNVD-200806-365
db:NVDid:CVE-2008-2730

LAST UPDATE DATE
2024-11-23T21:56:52.354000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-32855date:2017-08-08T00:00:00
db:BIDid:29935date:2008-06-26T18:00:00
db:JVNDBid:JVNDB-2008-002004date:2008-12-19T00:00:00
db:CNNVDid:CNNVD-200806-365date:2008-11-21T00:00:00
db:NVDid:CVE-2008-2730date:2024-11-21T00:47:34.463

SOURCES RELEASE DATE
db:VULHUBid:VHN-32855date:2008-06-26T00:00:00
db:BIDid:29935date:2008-06-25T00:00:00
db:JVNDBid:JVNDB-2008-002004date:2008-12-19T00:00:00
db:PACKETSTORMid:67722date:2008-06-27T15:59:22
db:CNNVDid:CNNVD-200806-365date:2008-06-26T00:00:00
db:NVDid:CVE-2008-2730date:2008-06-26T17:41:00