You are here
Home > Preporuke > Ranjivost komponente Universal Media Services (UMS) Cisco IPICS-a

Ranjivost komponente Universal Media Services (UMS) Cisco IPICS-a

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: URG
  • Operativni sustavi: O
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20161026-ipics

Revision: 1.0

For Public Release 2016 October 26 16:00 GMT

+———————————————————————

Summary
=======

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable.

The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161026-ipics

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJYEKgeAAoJEK89gD3EAJB5kCkQAMBJBOUJKaTtf3g9NlubllRm
aoZVVdjNFTzVtWtgpcp3uXTIojTL2gJl56bLANEqdkzRCWlGPvEWCIwXCgHqDnal
crG4NcImv1P5UUeUVtsxSqOM9eIvaE+xwEDb19qCPFguWdDX91q6tyTxcWbrJOjz
KtzHOoVEqlfqJyFZ1HpbVbdLhzvo33M88X9L8YBl8syravWmGWuu5AsuUBgqOgvA
UW294RVd8LSVkrJwvD8rcOUmUSkKJ0RopqoRO/+YTK4DLd2EF63pXfPV1Gp4+J6u
Kq66Dv/Fq5D/7WneSAeiCbQ9eTVlpAE0Y3gucZB0/2juEoXLXqMMasgNtIs5Z4MK
AJvnN3TdocofxykwFgxi7ta3QzqIfzW8tlF+J9f1BxPmh/yItOgYacIpaDj7Hmdb
M3SsoVIP0uGWyrBZa9YySRGCbUbGaTn5wXiBFu5tRoesvQ0Wk81Im3JWSrGMq1uK
1ae+LMMTYH1wgnPhIm5jRsTnUQ0p3BYgKsU8L+aTbvDRdWKGCYLQue9JxmqKKb7C
mVW/BG/wC5FGg7oaMrF1uU3mNIR4WU4B46qFpWj58dJe3+IOmcniIVBoWSZTC6AF
P6nqGxHwg5ATvxPBrNR8KYYjiGLcdtSlN/kBgPXK3qPI0elF8vHRqyUL4gzxJt4D
IJsTFgSztk8B9FlbSdnu
=o3dI
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorTomislav Protega
Cert idNCERT-REF-2016-10-0180-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa ghostscript

Otkriveni su sigurnosni nedostaci u programskom paketu ghostscript za openSUSE 13.2. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljviih informacija, uskraćivanje...

Close