Multiple Cisco Vulnerabilities

Cisco has released several updates and security advisories for some of their products.

Their Wireless LAN Controller (WLC) product family (version 6.0 or later) is affected by a Denial of Service (DoS) vulnerability where an unauthenticated attacker could cause a device to reload by sending a series of ICMP packets.  There are no available workarounds to mitigate this vulnerability and Cisco has released free software updates to address it.

The advisory is posted at:

Products Affected:

  • Cisco 2100 Series Wireless LAN Controllers
  • Cisco WLC526 Mobility Express Controller (AIR-WLC526-K9)
  • Cisco NME-AIR-WLC Modules for Integrated Services Routers (ISRs)
  • Cisco NM-AIR-WLC Modules for Integrated Services Routers (ISRs)

If you use these wireless controllers, I would recommend testing and patching sooner rather than later.  DoS attacks at this level do not generally expose data or offer compromise exposure, but they can be annoying, debiltating to normal business, and should be avoided whenever possible.

Cisco Unified Communications Manager (previously known as Cisco CallManager) contains the following vulnerabilities:

  • 3 denial of service (DoS) vulnerabilities that affect Session Initiation Protocol (SIP) services commonly used in VoIP.
  • 1 Directory transversal vulnerability.
  • 2 SQL injection vulnerabilities.

Cisco has released free software updates to address the last 3 vulnerabilities.  There is a workaround for the SIP DoS vulnerabilities.

The advisory is posted at:

Products Affected:

  • Cisco Unified Communications Manager 6.x, 7.x, & 8.x

All of these vulnerabilities have functional exploitability, but no indication of in the wild use.  Successful exploitation of the vulnerabilities could result in the interruption of services, privilege escalation and potential data modification.  In the case of DoS attacks, the affect UCM processes will restart, but repeated attacks may result in a sustained DoS condition.  If you use one of these products, test and deploy these patches ASAP.  The SQL injection vulnerabilities, “failure to prohibit uploading of files”, and “database security issue” are particularly worrisome.