Sign-up

ID

VAR-201711-0332


CVE

CVE-2017-12337


TITLE

Cisco Voice Operating System Authentication vulnerabilities in software platform-based collaboration products

Trust: 0.8

sources: JVNDB: JVNDB-2017-010148

DESCRIPTION

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a refresh upgrade (RU) or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password. If the vulnerable device is subsequently upgraded using the standard upgrade method to an Engineering Special Release, service update, or a new major release of the affected product, this vulnerability is remediated by that action. Note: Engineering Special Releases that are installed as COP files, as opposed to the standard upgrade method, do not remediate this vulnerability. An attacker who can access an affected device over SFTP while it is in a vulnerable state could gain root access to the device. This access could allow the attacker to compromise the affected system completely. Cisco Bug IDs: CSCvg22923, CSCvg55112, CSCvg55128, CSCvg55145, CSCvg58619, CSCvg64453, CSCvg64456, CSCvg64464, CSCvg64475, CSCvg68797. Vendors have confirmed this vulnerability Bug ID CSCvg22923 , CSCvg55112 , CSCvg55128 , CSCvg55145 , CSCvg58619 , CSCvg64453 , CSCvg64456 , CSCvg64464 , CSCvg64475 ,and CSCvg68797 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco Voice OS is prone to a unauthorized access vulnerability. This may lead to further attacks. Cisco Voice Operating System is a set of voice operating system of Cisco (Cisco). Cisco Unified Communications Manager (UCM) is a call-processing component of a unified communications system. Unified Communication Manager Session Management Edition (SME) is its session management version. The following products are affected: Cisco Unified Communications Manager (UCM); Unified Communication Manager Session Management Edition (SME); Emergency Responder; Unity ConnectionCisco Unified Communications Manager IM and Presence Service (IMP, formerly Cisco Unified Presence); Hosted Collaboration Mediation Fulfillment; Unified Contact Center Express (UCCx); SocialMiner; Unified Intelligence Center (UIC); Finesse; MediaSense

Trust: 2.07

sources: NVD: CVE-2017-12337 // JVNDB: JVNDB-2017-010148 // BID: 101865 // VULHUB: VHN-102849 // VULMON: CVE-2017-12337

AFFECTED PRODUCTS

vendor:ciscomodel:unified communications managerscope:eqversion: -

Trust: 1.9

vendor:ciscomodel:unified contact center expressscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:socialminerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:prime license managerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:unified communications manager im and presence servicescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:unified intelligence centerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:unity connectionscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:hosted collaboration solutionscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:mediasensescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:emergency responderscope: - version: -

Trust: 1.1

vendor:ciscomodel:emergency responderscope:eqversion: -

Trust: 1.0

vendor:ciscomodel:finessescope:eqversion: -

Trust: 1.0

vendor:ciscomodel:finessescope: - version: -

Trust: 0.8

vendor:ciscomodel:hosted collaboration solutionscope: - version: -

Trust: 0.8

vendor:ciscomodel:mediasensescope: - version: -

Trust: 0.8

vendor:ciscomodel:prime license managerscope: - version: -

Trust: 0.8

vendor:ciscomodel:socialminerscope: - version: -

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:none

Trust: 0.8

vendor:ciscomodel:unified communications managerscope:eqversion:(session management)

Trust: 0.8

vendor:ciscomodel:unified communications manager im and presence servicescope: - version: -

Trust: 0.8

vendor:ciscomodel:unified contact center expressscope: - version: -

Trust: 0.8

vendor:ciscomodel:unified intelligence centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:unity connectionscope: - version: -

Trust: 0.8

vendor:ciscomodel:voice osscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unity connectionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified intelligence centerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified contact center expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications manager im and presence servicescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communication manager session managementscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:socialminerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:finessescope:eqversion:0

Trust: 0.3

sources: BID: 101865 // JVNDB: JVNDB-2017-010148 // CNNVD: CNNVD-201711-660 // NVD: CVE-2017-12337

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-12337
value: CRITICAL

Trust: 1.0

NVD: CVE-2017-12337
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201711-660
value: CRITICAL

Trust: 0.6

VULHUB: VHN-102849
value: HIGH

Trust: 0.1

VULMON: CVE-2017-12337
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2017-12337
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-102849
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-12337
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-102849 // VULMON: CVE-2017-12337 // JVNDB: JVNDB-2017-010148 // CNNVD: CNNVD-201711-660 // NVD: CVE-2017-12337

PROBLEMTYPE DATA

problemtype:CWE-287

Trust: 1.9

sources: VULHUB: VHN-102849 // JVNDB: JVNDB-2017-010148 // NVD: CVE-2017-12337

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-660

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201711-660

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-010148

PATCH
title:cisco-sa-20171115-vosurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos
Trust: 0.8
title:Multiple Cisco Product Authorization Issue Vulnerability Fixing Measuresurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76740
Trust: 0.6
title:Cisco: Cisco Voice Operating System-Based Products Unauthorized Access Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20171115-vos
Trust: 0.1
title:Threatposturl:https://threatpost.com/cisco-warns-of-critical-flaw-in-voice-os-based-products/128913/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2017-12337 // 
            
            
            
            JVNDB: JVNDB-2017-010148 // 
            
            
            
            CNNVD: CNNVD-201711-660

EXTERNAL IDS
db:NVDid:CVE-2017-12337
Trust: 2.9
db:BIDid:101865
Trust: 2.1
db:SECTRACKid:1039818
Trust: 1.8
db:SECTRACKid:1039814
Trust: 1.8
db:SECTRACKid:1039813
Trust: 1.8
db:SECTRACKid:1039815
Trust: 1.8
db:SECTRACKid:1039820
Trust: 1.8
db:SECTRACKid:1039817
Trust: 1.8
db:SECTRACKid:1039819
Trust: 1.8
db:SECTRACKid:1039816
Trust: 1.8
db:JVNDBid:JVNDB-2017-010148
Trust: 0.8
db:CNNVDid:CNNVD-201711-660
Trust: 0.7
db:VULHUBid:VHN-102849
Trust: 0.1
db:VULMONid:CVE-2017-12337
Trust: 0.1
sources:
            
            
            VULHUB: VHN-102849 // 
            
            
            
            VULMON: CVE-2017-12337 // 
            
            
            
            BID: 101865 // 
            
            
            
            JVNDB: JVNDB-2017-010148 // 
            
            
            
            CNNVD: CNNVD-201711-660 // 
            
            
            
            NVD: CVE-2017-12337

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171115-vos
Trust: 2.2
url:http://www.securityfocus.com/bid/101865
Trust: 1.9
url:http://www.securitytracker.com/id/1039813
Trust: 1.8
url:http://www.securitytracker.com/id/1039814
Trust: 1.8
url:http://www.securitytracker.com/id/1039815
Trust: 1.8
url:http://www.securitytracker.com/id/1039816
Trust: 1.8
url:http://www.securitytracker.com/id/1039817
Trust: 1.8
url:http://www.securitytracker.com/id/1039818
Trust: 1.8
url:http://www.securitytracker.com/id/1039819
Trust: 1.8
url:http://www.securitytracker.com/id/1039820
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12337
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-12337
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/287.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/cisco-warns-of-critical-flaw-in-voice-os-based-products/128913/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-102849 // 
            
            
            
            VULMON: CVE-2017-12337 // 
            
            
            
            BID: 101865 // 
            
            
            
            JVNDB: JVNDB-2017-010148 // 
            
            
            
            CNNVD: CNNVD-201711-660 // 
            
            
            
            NVD: CVE-2017-12337

CREDITS
Quentin Rhoads-Herrera and Rich Mirch of the State Farm Penetration Testing Team.
Trust: 0.3
sources:
            
            
            BID: 101865

SOURCES
db:VULHUBid:VHN-102849
db:VULMONid:CVE-2017-12337
db:BIDid:101865
db:JVNDBid:JVNDB-2017-010148
db:CNNVDid:CNNVD-201711-660
db:NVDid:CVE-2017-12337

LAST UPDATE DATE
2024-11-23T22:00:49.361000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-102849date:2019-10-09T00:00:00
db:VULMONid:CVE-2017-12337date:2019-10-09T00:00:00
db:BIDid:101865date:2017-12-19T22:37:00
db:JVNDBid:JVNDB-2017-010148date:2017-12-06T00:00:00
db:CNNVDid:CNNVD-201711-660date:2019-10-17T00:00:00
db:NVDid:CVE-2017-12337date:2024-11-21T03:09:19.983

SOURCES RELEASE DATE
db:VULHUBid:VHN-102849date:2017-11-16T00:00:00
db:VULMONid:CVE-2017-12337date:2017-11-16T00:00:00
db:BIDid:101865date:2017-11-16T00:00:00
db:JVNDBid:JVNDB-2017-010148date:2017-12-06T00:00:00
db:CNNVDid:CNNVD-201711-660date:2017-12-11T00:00:00
db:NVDid:CVE-2017-12337date:2017-11-16T07:29:01.023