Release Date: 18-May-2011

Last Update: –

Vendor Notification Date: 28-Feb-2011

Product: Cisco Unified Operations Manager
Common Services Framework Help Servlet
Common Services Device Center
CiscoWorks Homepage
Note: All of the above products are included by default in CuOM.

Platform: Microsoft Windows

Affected versions: CuOM 8.0 and 8.5 (verified), possibly others.

Severity Rating: Medium – Low

Impact: Database access, cookie and credential theft, impersonation, loss of confidentiality, local file disclosure, information disclosure.

Attack Vector: Remote with authentication

Solution Status: Vendor patch

CVE reference: CVE-2011-0959 (CSCtn61716)
CVE-2011-0960 (CSCtn61716)
CVE-2011-0961 (CSCto12704)
CVE-2011-0962 (CSCto12712)
CVE-2011-0966 (CSCto35577)

Details

Cisco Unified Operations Manager (CuOM) is a NMS for voice developed by Cisco Systems. Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the underlying transport infrastructure in your network.

Multiple vulnerabilities have been identified in Cisco Unified Operations Manager and associated products. These vulnerabilities include multiple blind SQL injections, multiple XSS’ and a directory traversal vulnerability.

Please refer to the PDF version of this advisory for proof of concept code examples.

Solution

Upgrade to CuOM 8.6.

Refer to Cisco Bug IDs: CSCtn61716, CSCto12704, CSCto12712 and CSCto35577 for information on patches and availability of fixes.

Discovered By

Sense of Security Labs.