#VU7188 Authentication bypass in Cisco Unified Contact Center Express - CVE-2017-6722

Cybersecurity Help s.r.o.

Published: 2017-06-23

Vulnerability identifier: #VU7188

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-6722

CWE-ID: CWE-287

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Unified Contact Center Express
Server applications / Web servers

Vendor: Cisco Systems, Inc

Description
The vulnerability allows a remote unauthenticated attacker to bypass authentication.

The weakness exists in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) due to the XMPP service incorrectly processing an unsecured HTTP port for third-party, remote presence monitoring. A remote attacker can gain unauthorized access to the system.

Mitigation
Update to version 11.5(1.10000.61).

Vulnerable software versions

Cisco Unified Contact Center Express: 10.6.1

External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ucce

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Authentication bypass in Cisco Unified Contact Center Express