Cisco has released a patch for a password vulnerability that was recently discovered in its Unified Communications Domain Manager (Unified CDM) Platform Software.
According to a security advisory released by the company, "A vulnerability in the Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to login with the privileges of the root user and take full control of the affected system."
Cisco's Unified CDM is part of the Cisco Hosted Collaboration System (CHS). It acts as a service delivery and management platform that provides various services, including automation and administration privileges, over the Cisco Unified Communications Manager, Cisco Unity Connection, and Cisco Jabber applications. This particular vulnerability is a problem because at the time of installation for Cisco's Unified CDM, a privileged account is created with a static and default password. This account apparently cannot be changed or deleted without negatively affecting the functionality of the system on which the software is installed. An attacker could exploit the bug by remotely connecting to the affected system via SSH using the account, which could allow them to assume control of the entire system.
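Because the page notes that the attack path is an ordinary SSH login with the static privileged account, the practical defender's question is whether such logins show up in the sshd log. The following is an added example, not from the article or from Cisco: it scans OpenSSH "Accepted ..." lines and raises an alert for any successful login to a privileged account that used password authentication or came from outside an assumed management network. The account name `VENDOR_STATIC_ACCOUNT_PLACEHOLDER`, the management network `10.10.0.0/24` and the sample log lines are all constructed placeholders, since the advisory text here does not name the account.

```python
import re
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# PLACEHOLDER: the article does not name the static privileged account created
# at install time, so substitute the real account from Cisco's advisory.
PRIVILEGED_ACCOUNTS = {"root", "VENDOR_STATIC_ACCOUNT_PLACEHOLDER"}

# Assumed: networks from which administrative SSH sessions are expected.
MANAGEMENT_NETWORKS = [ip_network("10.10.0.0/24")]

# OpenSSH sshd success line:
# "<syslog ts> <host> sshd[<pid>]: Accepted <method> for <user> from <src> port <port> ssh2"
SSHD_ACCEPT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Accepted (?P<method>\S+) for (?P<user>\S+) from (?P<src>\S+) port (?P<port>\d+)"
)


@dataclass(frozen=True)
class Alert:
    timestamp: str
    user: str
    source: str
    method: str
    reasons: tuple


def from_management_network(src):
    """True only when src is an IP address inside an allowed management network.
    Hostnames or unparsable values are treated as untrusted."""
    try:
        addr = ip_address(src)
    except ValueError:
        return False
    return any(addr in net for net in MANAGEMENT_NETWORKS)


def analyse_line(line):
    """Return an Alert for a suspicious privileged SSH login, else None."""
    m = SSHD_ACCEPT.match(line)
    if m is None or m["user"] not in PRIVILEGED_ACCOUNTS:
        return None  # failed attempts and ordinary accounts are out of scope here
    reasons = []
    if m["method"] == "password":
        # A static, unchangeable password is exactly what the advisory describes,
        # so any password-based login to the privileged account deserves review.
        reasons.append("password authentication to a privileged account")
    if not from_management_network(m["src"]):
        reasons.append("source outside the management network")
    if not reasons:
        return None
    return Alert(m["ts"], m["user"], m["src"], m["method"], tuple(reasons))


def scan(lines):
    """Scan an iterable of sshd log lines and return the alerts in order."""
    return [a for a in (analyse_line(line) for line in lines) if a is not None]


# Constructed sample log lines (not real telemetry).
SAMPLE_LOG = [
    "Jul 2 10:15:01 cucdm sshd[2201]: Accepted publickey for admin from 10.10.0.5 port 50112 ssh2",
    "Jul 2 10:16:44 cucdm sshd[2210]: Accepted password for root from 203.0.113.7 port 41022 ssh2",
    "Jul 2 10:17:03 cucdm sshd[2215]: Accepted publickey for root from 10.10.0.9 port 50120 ssh2",
    "Jul 2 10:18:30 cucdm sshd[2220]: Accepted password for VENDOR_STATIC_ACCOUNT_PLACEHOLDER from 10.10.0.9 port 50130 ssh2",
    "Jul 2 10:19:00 cucdm sshd[2225]: Failed password for root from 203.0.113.7 port 41030 ssh2",
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(f"{alert.timestamp} {alert.user}@{alert.source} via {alert.method}: "
              + "; ".join(alert.reasons))
```

On the sample input this flags the external password login as `root` (two reasons) and the password login to the placeholder account from inside the management network (one reason), while the key-based login from the management network and the failed attempt produce nothing. Since the article says the account cannot be removed without breaking the system and that no workaround exists, this kind of log review is a compensating control for monitoring until the patched release is installed, not a substitute for it.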
Cisco first found the vulnerability during internal security testing. It has since given the bug a 10/10 Common Vulnerability Scoring System (CVSS) rating, based on the ease with which an attacker can exploit the vulnerability as well as on the complete impact such an attack could have on a system's confidentiality, integrity, and availability. As an advisory released by the United States Computer Emergency Readiness Team (US-CERT) reveals, versions of the Unified Communications Domain Manager Platform Software prior to 10.x are affected by this vulnerability. There are no workarounds for this issue, and there are no known exploits in the wild at this time. It is recommended that sysadmins update to Cisco Unified Communications Domain Manager Platform Software 4.4.5 or later, versions in which the company has patched the vulnerability. Customers running Cisco Unified Communications Domain Manager Platform Software Releases 4.4.3 and 4.4.4 can request a hotfix patch through their normal support channels.

News of this patch follows a security update released by Cisco back in June for multiple default SSH key vulnerabilities affecting several of its virtual appliances.