Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability
TL;DR
A cross-site scripting (XSS) vulnerability has been identified in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service. This flaw could allow an unauthenticated remote attacker to execute arbitrary script code, potentially compromising sensitive information. Cisco has released fixed software versions, and there are no workarounds available.
What happened
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) was discovered. This vulnerability arises from improper validation of user-supplied input, enabling an attacker to conduct a cross-site scripting (XSS) attack. By persuading a user to click on a malicious link, an attacker could execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.
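To make the bug class concrete, the following is an added example (not Cisco's code and not taken from the advisory): a management page that reflects a hypothetical `filter` request parameter, first without validation or encoding, then with context-appropriate encoding, plus a small defender-side audit that parses the rendered fragment and reports which tags and event-handler attributes it contains.

```python
import html
from html.parser import HTMLParser
from urllib.parse import quote

# Constructed illustration of the bug class described above (not Cisco's code):
# a management page that reflects a hypothetical "filter" request parameter.


def render_vulnerable(filter_value: str) -> str:
    """Reflects the raw parameter into HTML: the advisory's 'improper validation'."""
    return f"<p>Contacts matching: {filter_value}</p>"


def render_hardened(filter_value: str) -> str:
    """Same page, with the value entity-encoded for the HTML element context."""
    return f"<p>Contacts matching: {html.escape(filter_value, quote=True)}</p>"


def render_hardened_link(filter_value: str) -> str:
    """Same value placed in a URL inside an attribute: encode for that context too."""
    return f'<a href="/contacts?filter={quote(filter_value, safe="")}">retry</a>'


class MarkupAudit(HTMLParser):
    """Collects start tags and on* event-handler attributes seen in a fragment."""

    def __init__(self) -> None:
        super().__init__()
        self.tags: list[str] = []
        self.event_attrs: list[str] = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.event_attrs.extend(n for n, _ in attrs if n.lower().startswith("on"))


def audit(rendered: str) -> tuple[list[str], list[str]]:
    """Defender-side check: which tags and handlers does the rendered page contain?"""
    parser = MarkupAudit()
    parser.feed(rendered)
    parser.close()
    return parser.tags, parser.event_attrs


if __name__ == "__main__":
    # Constructed probe strings of the kind a scanner sends; only the
    # vulnerable renderer turns them into live markup.
    for probe in ("<script>alert(1)</script>", "<img src=x onerror=alert(1)>"):
        print("vulnerable:", audit(render_vulnerable(probe)))
        print("hardened:  ", audit(render_hardened(probe)))
        print("link:      ", audit(render_hardened_link(probe)))
```

The audit is the kind of check a regression test or a pre-deployment scan runs against every reflected parameter; a reflected value should never add a tag or an `on*` attribute to the page.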
Affected products
The vulnerability affects Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) across all device configurations.
Fixed software
Upgrade to the first fixed release in your train (or later):
| Cisco Unified CM IM&P Release | First Fixed Release |
|---|---|
| 12.5 | Migrate to a fixed release. |
| 14 | Migrate to a fixed release. |
| 15 | 15SU3 |

In short, the first fixed release for Cisco Unified CM IM&P is 15SU3; the 12.5 and 14 trains have no fixed release and must be migrated.

Advisory revision 1.0: Initial public release.
Workarounds
There are no workarounds available to mitigate this vulnerability.
Risk in context
The highest CVSS score for this vulnerability is 6.1, which places it at Medium severity. The exposure is driven mainly by the fact that the attack can be launched remotely without authentication, although it still depends on a user of the web-based management interface clicking a crafted link. While there is no immediate evidence of exploitation, the potential for exposure of sensitive browser-based information remains a concern.
Fast facts
- Vulnerability Type: Cross-Site Scripting (XSS)
- CVSS Score: 6.1 (Medium)
- Exploitation: Requires user interaction (clicking a link)
- No workarounds available
For leadership
This advisory highlights a Medium severity cross-site scripting vulnerability in Cisco Unified Communications Manager IM & Presence Service. The risk is notable due to the potential for unauthenticated remote exploitation, which could lead to unauthorized access to sensitive information. Immediate remediation is advised: patching should occur within 7 days, as fixed releases are available. The operational impact is expected to be minimal, requiring a brief maintenance window without expected configuration drift.
Now: Review the advisory and assess your current software version.
Next: Schedule and implement the necessary software upgrades.
Later: Monitor for any updates or additional advisories related to this vulnerability.