SB2017080305 - Two vulnerabilities in Cisco Unified Communications Manager
Published: August 3, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 vulnerabilities.
1) Path traversal (CVE-ID: CVE-2017-6758)
CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in the web framework of Cisco Unified Communications Manager due to insufficient input validation. A remote attacker can use directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager filesystem.
Successful exploitation of the vulnerability results in information disclosure.
2) SQL injection (CVE-ID: CVE-2017-6757)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear
The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information on the target system.
The weakness exists in Cisco Unified Communications Manager due to improper validation of user-supplied input. A remote attacker can send specially crafted URLs containing SQL statements, bypass protection filters and modify or delete entries in some database tables.
Remediation
Install update from vendor's website.