Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-1362 |
CWE-ID | CWE-94 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Unified Communications Manager (CallManager) Server applications / Remote management servers, RDP, SSH Cisco Unified Communications Manager Session Management Edition Server applications / Remote management servers, RDP, SSH Cisco Unified Communications Manager IM & Presence Service Client/Desktop applications / Other client software Cisco Unity Connection Client/Desktop applications / Messaging software Cisco Prime License Manager Client/Desktop applications / Software for system administration |
Vendor |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU51966
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-1362
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation in the SOAP API endpoint. A remote user can send a specially crafted SOAP API request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsUnified Communications Manager (CallManager): before 12.5.1 SU4
Cisco Unified Communications Manager IM & Presence Service: before 12.5.1 SU4
Cisco Unified Communications Manager Session Management Edition: before 12.5.1 SU4
Cisco Unity Connection: before 12.5.1 SU4
Cisco Prime License Manager: before 12.5.1 SU4
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv35203
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu56491
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv41616
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCvv59434
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.