[c-nsp] Cisco Security Advisory: Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Wed Oct 26 12:01:34 EDT 2016

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable.

The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYEKgeAAoJEK89gD3EAJB5kCkQAMBJBOUJKaTtf3g9NlubllRm
aoZVVdjNFTzVtWtgpcp3uXTIojTL2gJl56bLANEqdkzRCWlGPvEWCIwXCgHqDnal
crG4NcImv1P5UUeUVtsxSqOM9eIvaE+xwEDb19qCPFguWdDX91q6tyTxcWbrJOjz
KtzHOoVEqlfqJyFZ1HpbVbdLhzvo33M88X9L8YBl8syravWmGWuu5AsuUBgqOgvA
UW294RVd8LSVkrJwvD8rcOUmUSkKJ0RopqoRO/+YTK4DLd2EF63pXfPV1Gp4+J6u
Kq66Dv/Fq5D/7WneSAeiCbQ9eTVlpAE0Y3gucZB0/2juEoXLXqMMasgNtIs5Z4MK
AJvnN3TdocofxykwFgxi7ta3QzqIfzW8tlF+J9f1BxPmh/yItOgYacIpaDj7Hmdb
M3SsoVIP0uGWyrBZa9YySRGCbUbGaTn5wXiBFu5tRoesvQ0Wk81Im3JWSrGMq1uK
1ae+LMMTYH1wgnPhIm5jRsTnUQ0p3BYgKsU8L+aTbvDRdWKGCYLQue9JxmqKKb7C
mVW/BG/wC5FGg7oaMrF1uU3mNIR4WU4B46qFpWj58dJe3+IOmcniIVBoWSZTC6AF
P6nqGxHwg5ATvxPBrNR8KYYjiGLcdtSlN/kBgPXK3qPI0elF8vHRqyUL4gzxJt4D
IJsTFgSztk8B9FlbSdnu
=o3dI
-----END PGP SIGNATURE-----