Cisco patched authentication, privilege escalation, and denial-of-service vulnerabilities this week in several of its products, including one that’s used for identifying the location of 9-1-1 emergency callers.
The flaw in Cisco Emergency Responder is caused by the presence of default static credentials for the root account that were used during development but were never removed. Users cannot change or remove these credentials, presenting a permanent backdoor that could allow attackers to execute commands on the affected systems with the highest possible privileges.
Cisco Emergency Responder works together with Cisco Unified Communications Manager to enhance its 9-1-1 functionality by identifying the location of emergency callers so the calls can be routed to the appropriate public safety answering point. It also allows emergency responders to dynamically track caller or phone location changes.
The static root credentials are only present in the 12.5(1)SU41 version of the software and were fixed in 12.5(1)SU5. Release 14 of the firmware, as well as releases 11.5 and earlier, aren’t impacted. The flaw, tracked as CVE-2023-20101, is rated as critical.
Cisco API endpoint vulnerability could lead to DoS attack
Another vulnerability that impacts Cisco Emergency Responder, as well as several other Cisco Unified Communications products, is in an API endpoint and can lead to a denial-of-service condition. The flaw can be exploited without authentication by sending specially crafted requests to the vulnerable API endpoint in order to trigger high CPU utilization. This in turn could prevent access to the web-based management interface of the devices or lead to delays in call processing.
The vulnerability, tracked as CVE-2023-20259, is rated as high severity and impacts Emergency Responder, Prime Collaboration Deployment, Unified Communications Manager (Unified CM), Unified Communications Manager IM & Presence Service (Unified CM IM&P), Unified Communications Manager Session Management Edition (Unified CM SME) and Unity Connection. Cisco has released firmware updates for all impacted systems.
Cisco Network Services Orchestrator flaw could allow privilege escalation
A third flaw, CVE-2021-1572, was patched in Cisco Network Services Orchestrator (NSO) and can lead to privilege escalation if an attacker has access to a low-privileged account on the system and the system has the Secure Shell (SSH) server for the command-line interface (CLI) enabled. The issue is caused by the fact that the SFTP user service runs with the same privileges as the account that was used to enable the built-in SSH server, and that account is root by default.
“Any user who can authenticate to the built-in SSH server might exploit this vulnerability,” Cisco warns in its advisory. “By default, all Cisco NSO users have this access if the server is enabled.”
The good news is that the built-in SSH server is disabled by default in an NSO system install. The bad news is that most supported versions of NSO are impacted when SSH is enabled.
The same vulnerability, which was initially announced in August, impacts ConfD, a framework for on-device management. Cisco has now updated its advisories for both NSO and ConfD with more information about impacted releases and availability of fixed versions.
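The two preconditions described above for CVE-2021-1572 (built-in SSH server enabled, service running as root) can be checked on a host, as in this added example, which is not from Cisco or the original article. The ncs.conf namespace and element layout, the sample configuration and the function names are assumptions, and the NSO process UID stands in for "the account used to enable the built-in SSH server".

```python
import xml.etree.ElementTree as ET

# Assumed ncs.conf namespace and element layout; verify against your NSO release.
NS = {"n": "http://tail-f.com/yang/tailf-ncs-config"}

# Constructed sample configuration, not taken from a real deployment.
SAMPLE_CONF = """<ncs-config xmlns="http://tail-f.com/yang/tailf-ncs-config">
  <cli>
    <enabled>true</enabled>
    <ssh><enabled>true</enabled><ip>0.0.0.0</ip><port>2024</port></ssh>
  </cli>
</ncs-config>"""


def builtin_ssh_enabled(conf_xml):
    """Return True if the CLI's built-in SSH server is switched on."""
    root = ET.fromstring(conf_xml)
    node = root.find("n:cli/n:ssh/n:enabled", NS)
    # A missing element is treated as disabled (assumption), in line with
    # the article's note that a system install ships with SSH off.
    return node is not None and (node.text or "").strip().lower() == "true"


def assess(conf_xml, nso_uid):
    """Classify a host against the two preconditions the article names.

    nso_uid is the effective UID of the NSO process, gathered separately
    (hypothetical input; e.g. from the process table on the host).
    """
    if not builtin_ssh_enabled(conf_xml):
        return "not-exposed: built-in SSH server disabled"
    if nso_uid == 0:
        return "exposed: built-in SSH enabled and NSO runs as root"
    return "reduced: built-in SSH enabled, NSO runs as uid %d" % nso_uid


if __name__ == "__main__":
    print(assess(SAMPLE_CONF, 0))
```

A host reported as exposed still needs its release compared against the fixed versions listed in Cisco's advisory.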