Cisco Cisco TelePresence Video Communication Server Expressway 릴리즈 노트
Resolved caveats
Cisco TelePresence Video Communication Server X7.2.3 Software Release Notes
Page 31 of 50
Resolved in X7.0
Security-related issues
Identifier
Summary
CSCtr80182
DNS cache poisoning attacks CVE-2008-1447: previous releases of Cisco VCS were
vulnerable to CVE-2008-1447. Version X7.0 has been upgraded to use dnsmasq 2.57 which
has resolved the issue.
vulnerable to CVE-2008-1447. Version X7.0 has been upgraded to use dnsmasq 2.57 which
has resolved the issue.
CSCtr80196
OpenSSL Ciphersuite Downgrade Attack CVE-2010-4180 and Openssl clienthello
vulnerability CVE-2011-0014: previous releases of Cisco VCS were vulnerable to CVE-2010-
4180 and CVE-2011-0014. Version X7.0 has been upgraded to use openssl 1.0.0d, which has
resolved the issue.
vulnerability CVE-2011-0014: previous releases of Cisco VCS were vulnerable to CVE-2010-
4180 and CVE-2011-0014. Version X7.0 has been upgraded to use openssl 1.0.0d, which has
resolved the issue.
CSCtr32396
VCS Command Injection Vulnerability
Symptoms: administrator entered values within the administrative interfaces of the Cisco VCS
may not be properly sanitized. This could allow a malicious administrator to cause arbitrary
commands to be executed on the underlying system.
Conditions: a device is running an affected version of Cisco VCS.
Workaround: restrict access to the administrative interfaces to trusted users only.
Further Problem Description: while this issue may allow an authenticated, remote attacker to
cause arbitrary commands to be executed. Any successful command execution is performed
under the restricted 'nobody' account, restricting the direct impact of this issue.
Malicious values that are entered via the command line interface may not be immediately
executed, and instead the malicious actions may be performed the next time an administrator
accesses a page containing the malicious value via the administrative web interface.
PSIRT Evaluation: the Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation are 6.5/5.4:
Symptoms: administrator entered values within the administrative interfaces of the Cisco VCS
may not be properly sanitized. This could allow a malicious administrator to cause arbitrary
commands to be executed on the underlying system.
Conditions: a device is running an affected version of Cisco VCS.
Workaround: restrict access to the administrative interfaces to trusted users only.
Further Problem Description: while this issue may allow an authenticated, remote attacker to
cause arbitrary commands to be executed. Any successful command execution is performed
under the restricted 'nobody' account, restricting the direct impact of this issue.
Malicious values that are entered via the command line interface may not be immediately
executed, and instead the malicious actions may be performed the next time an administrator
accesses a page containing the malicious value via the administrative web interface.
PSIRT Evaluation: the Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation are 6.5/5.4:
CVE ID CVE-2011-2538 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
CSCtr80205
Symptoms: Cisco VCS may include a version of PHP that may be vulnerable to published
vulnerabilities.
The vulnerabilities are detailed by the following CVE id: CVE-2010-4697, CVE-2006-7243
Conditions: None
Workaround: None
Further Problem Description: The vulnerability is not confirmed to be exploitable or Cisco
VCS, however Cisco is improving VCS product security by upgrading PHP to the latest
available version.
Additional information about the specific vulnerabilities listed above including condition and
possible workarounds can be found by looking at the description of each CVE-id at :
http://cve.mitre.org/cve/ .
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and
Temporal CVSS scores as of the time of evaluation are 6.8/6.1:
vulnerabilities.
The vulnerabilities are detailed by the following CVE id: CVE-2010-4697, CVE-2006-7243
Conditions: None
Workaround: None
Further Problem Description: The vulnerability is not confirmed to be exploitable or Cisco
VCS, however Cisco is improving VCS product security by upgrading PHP to the latest
available version.
Additional information about the specific vulnerabilities listed above including condition and
possible workarounds can be found by looking at the description of each CVE-id at :
http://cve.mitre.org/cve/ .
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and
Temporal CVSS scores as of the time of evaluation are 6.8/6.1:
CVE ID CVE-2010-4697, CVE-2006-7243 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
CSCts82540
CSCts80342
CSCts80342
A vulnerability exists in Cisco TelePresence Video Communication Server (VCS) due to
improper validation of user-controlled input to the web-based administrative interface. User-
controlled input supplied to the login page via the HTTP User-Agent header is not properly
sanitized for illegal or malicious content prior to being returned to the user in dynamically
generated web content. A remote attacker could exploit this vulnerability to perform reflected
cross-site scripting (XSS) attacks.
improper validation of user-controlled input to the web-based administrative interface. User-
controlled input supplied to the login page via the HTTP User-Agent header is not properly
sanitized for illegal or malicious content prior to being returned to the user in dynamically
generated web content. A remote attacker could exploit this vulnerability to perform reflected
cross-site scripting (XSS) attacks.