-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0005
Title: Vulnerabilities in Cisco IP Video Phone E20 [1] and Digital Media Manager [2].
Version history: 19.01.2012 Initial publication

Summary
=======

+ Cisco IP Video Phone E20 Default Root Account

Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device. The vulnerability is due to an architectural change that was made in the way the system maintains administrative accounts. During the process of upgrading a Cisco IP Video Phone E20 device to TE 4.1.0, an unsecured default account may be introduced. An attacker who is able to take advantage of this vulnerability could log in to the device as the root user and perform arbitrary actions with elevated privileges.

CVE-2011-4659 (CSCtw69889) Cisco TelePresence TE Software Default Root Account Vulnerability
CVSS v2 Base Score: 10.0 (CRITICAL)
Remote: Yes
Credibility: Vendor Confirmed
Impact: Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to gain root access to the affected device.

+ Cisco Digital Media Manager Privilege Escalation Vulnerability

Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share.

CVE-2012-0329 (CSCts63878) Digital Media Manager Privilege Escalation Vulnerability
CVSS v2 Base Score: 9.0 (HIGH)
Remote: Yes
Credibility: Vendor Confirmed
Impact: Successful exploitation of the vulnerability may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system. Additionally, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, successful exploitation of the vulnerability on Cisco Digital Media Manager may allow the remote attacker to gain full access to Cisco Show and Share.

Vulnerable systems
==================

Cisco IP Video Phone E20 devices that have been upgraded to TE 4.1.0
Cisco Digital Media Manager version: prior to 5.2
Cisco Digital Media Manager version: 5.2.1
Cisco Digital Media Manager version: 5.2.1.1
Cisco Digital Media Manager version: 5.2.2
Cisco Digital Media Manager version: 5.2.3

What can you do?
================

+ Cisco IP Video Phone E20 Default Root Account

Updates are available from the vendor [1].
Workarounds: Administrators are advised to reset both the admin and root passwords.

+ Cisco Digital Media Manager Privilege Escalation Vulnerability

Updates are available from the vendor [2].
Workarounds: none

What to tell your users?
========================

N/A

More information
================

[1] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-te
[2] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm

Best regards,
CERT-EU

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383

(DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its setup phase, until May 2012. Services are provided in a pilot fashion, and are not yet fully functional. Announcements, alerts and warnings are sent out in best effort manner, and to contact information currently known to us. We apologise if you are not the correct recipient, or if you had already been warned about this issue from another source. Format, content and way of alerting are subject to change in the future. Contact information or even the team name may change as well.)

-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.39

iQJXBAEBAgBBBQJPGUe5OhxDRVJUIGZvciB0aGUgRXVyb3BlYW4gSW5zdGl0dXRp
b25zIDxjZXJ0LWV1QGVjLmV1cm9wYS5ldT4ACgkQJ6QGykasQ4MF7g//STqn/grt
gVbLwkRuE+sSDagtxWzR7lPSBXnQ0RbLxM8gPq8mBnVXCTvsfxne29Os5GTcX9fm
GGqWqu3nnbMLoXXqY5eHOtbilloTKxv2sYV/tGx0OMenMOoUnLJFovpuwJdTyQ2v
JJOR8c4ulkUFVILI0L9jrRZn2PlTygfQd+LpZ4nC5WJXflkgkCXB0xGWMJrPndup
m2l/EvUORVt2emZUYOXKu+INwil31sZgGWOvrtz6NrlqK8/HZI/pW7Umj6Gj4fKG
c4Hi71+EXJ3ch9SW2W2Cn+ML3wEKbBm33rtA6vBm279yB3kcbWK61wepfspBt6we
pmdWbKRsoqtM6W1snWjEBW+emT0unBJIYxVnT/tKNA7Acw4CHlkSaAhu6sVejpsc
Q9HOMpLPPp9ynL2SehANZ67cvIAzj5poAiFuv5CoKAiSmF4x+OWIXax2eTC3aWVt
hly+yYSVF50adl4nhcKmnYP5uzJoaFbkvxMdxDmE1V+f8Z6KAwtT45pFASwRgtzy
QNCsGEbj6uL1A9xIG87B+JZjmjzXET6mB8XUAx2xvqgOO3fCsVspsJbj0ouKBMk2
Q65gnjAQtUHnhmyB4tmRc6QkAH5BNg6DtZySvHZEC4UAtVou/tHMgWCbF6Pbg2WQ
/LRINNzLrpimJW1WFXdsyZX2CoB78yJUswE=
=wgV4
-----END PGP SIGNATURE-----