For HomeFor BusinessFor Partners
Industry News
2 min read

Hardcoded SSH Key Enables Backdoor in Cisco`s Unified Communication Domain Manager

Lucian Ciolacu

July 04, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Hardcoded SSH Key Enables Backdoor in Cisco`s Unified Communication Domain Manager

A hardcoded and unprotected SSH key for remote support access has been found inside Cisco`s Unified Domain Communication Manager (CUCDM), according to a Cisco advisory. The backdoor could be used by an attacker to control the platform and all deployments.

The CUCDM manages video, voice, messaging, mobility and instant messaging applications, or other services for enterprise in a single unified platform. Cisco advised of three major vulnerabilities, including privilege escalation and unauthorized data manipulation.

The SSH key vulnerability is due to poor implementation of the support framework in the CUCDM Platform Software, as it allows a potential attacker to gain full system privileges as root user.

“The vulnerability is due to the presence of a default SSH private key, which is stored in an insecure way on the system,” the advisory said.

The second vulnerability, of privilege escalation, is located in the web framework of the CUCDM application software and can allow an attacker to gain system administrator rights.

“The vulnerability is due to improper implementation of authentication and authorization controls of the Administration GUI.”

The exploit can be easily done via a crafted URL to change user administrative credentials, as the attacker needs to persuade a valid Admin GUI user to access a malicious link or just be authenticated in the system.

The third vulnerability deals with unauthorized data manipulation in the CUCDM`s BVSMWeb that could allow an attacker to perform remote access to the BVSMWeb portal, and tamper with user data, such as speed dials, call forward settings, personal phone directory settings or Single Number Reach.

The exploit is doable by sending to the affected system a crafted URL, as the vulnerability is “due to improper implementation of authentication and authorization controls when accessing some web pages of the BVSMWeb portal.”

A CUCDM update has been released by Cisco to fix the backdoor and the other privilege escalation vulnerability. A mitigation solution has also been provided for the unauthorized data manipulation vulnerability, as it could not be fixed.

tags

Industry News

Author

Lucian Ciolacu

Lucian Ciolacu

Still the youngest Bitdefender News writer, Lucian is constantly after flash news in the security industry, especially when something is vulnerable or exploited.

View all posts

Right now Top posts

Is Your Digital Footprint Placing You in Scammers’ Crosshairs?
Scam

Is Your Digital Footprint Placing You in Scammers’ Crosshairs?

October 17, 2024

4 min read
What Key Cyberthreats Do Small Businesses Face?
Tips and Tricks How to Very Small Business

What Key Cyberthreats Do Small Businesses Face?

September 06, 2024

4 min read
Got a Strange Text? 5 Signs That You’re Being Scammed (and How to Protect Yourself)
Scam

Got a Strange Text? 5 Signs That You’re Being Scammed (and How to Protect Yourself)

September 02, 2024

6 min read
Scam Alert: How Fraudsters Are Exploiting WhatsApp Group Chats and What You Need to Know to Stay Safe
Scam How to

Scam Alert: How Fraudsters Are Exploiting WhatsApp Group Chats and What You Need to Know to Stay Safe

August 13, 2024

3 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

Nintendo Warns Gamers to Avoid Clicking Links in Spoofed Emails
Industry News

Nintendo Warns Gamers to Avoid Clicking Links in Spoofed Emails
Filip TRUȚĂ

November 04, 2024

2 min read
FBI Warns of Fake Videos Stirring Election Unrest
Industry News Scam

FBI Warns of Fake Videos Stirring Election Unrest
Vlad CONSTANTINESCU

November 04, 2024

1 min read
FBI Says Iranian Group Tried to Attack the 2024 Summer Olympics
Industry News

FBI Says Iranian Group Tried to Attack the 2024 Summer Olympics
Silviu STAHIE

November 01, 2024

1 min read

Bookmarks

loader