[c-nsp] Cisco Security Advisory: Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Wed Oct 26 12:01:34 EDT 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20161026-ipics

Revision: 1.0

For Public Release 2016 October 26 16:00 GMT

+---------------------------------------------------------------------


Summary
=======

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable.

The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYEKgeAAoJEK89gD3EAJB5kCkQAMBJBOUJKaTtf3g9NlubllRm
aoZVVdjNFTzVtWtgpcp3uXTIojTL2gJl56bLANEqdkzRCWlGPvEWCIwXCgHqDnal
crG4NcImv1P5UUeUVtsxSqOM9eIvaE+xwEDb19qCPFguWdDX91q6tyTxcWbrJOjz
KtzHOoVEqlfqJyFZ1HpbVbdLhzvo33M88X9L8YBl8syravWmGWuu5AsuUBgqOgvA
UW294RVd8LSVkrJwvD8rcOUmUSkKJ0RopqoRO/+YTK4DLd2EF63pXfPV1Gp4+J6u
Kq66Dv/Fq5D/7WneSAeiCbQ9eTVlpAE0Y3gucZB0/2juEoXLXqMMasgNtIs5Z4MK
AJvnN3TdocofxykwFgxi7ta3QzqIfzW8tlF+J9f1BxPmh/yItOgYacIpaDj7Hmdb
M3SsoVIP0uGWyrBZa9YySRGCbUbGaTn5wXiBFu5tRoesvQ0Wk81Im3JWSrGMq1uK
1ae+LMMTYH1wgnPhIm5jRsTnUQ0p3BYgKsU8L+aTbvDRdWKGCYLQue9JxmqKKb7C
mVW/BG/wC5FGg7oaMrF1uU3mNIR4WU4B46qFpWj58dJe3+IOmcniIVBoWSZTC6AF
P6nqGxHwg5ATvxPBrNR8KYYjiGLcdtSlN/kBgPXK3qPI0elF8vHRqyUL4gzxJt4D
IJsTFgSztk8B9FlbSdnu
=o3dI
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list