First published: Thu Mar 12 2009 (Updated: )
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix
---|---|---
Cisco Unified Communications Manager Session Management Edition | =5.1(3c) |
Cisco Unified Communications Manager Session Management Edition | =6.1(2) |
Cisco Unified Communications Manager Session Management Edition | =5.1(2a) |
Cisco Unified Communications Manager Session Management Edition | =6.0(1) |
Cisco Unified Communications Manager Session Management Edition | =5.1(2) |
Cisco Unified Communications Manager Session Management Edition | =4.2(3)sr2b |
Cisco Unified Communications Manager Session Management Edition | =5.0 |
Cisco Unified Communications Manager Session Management Edition | =4.3(2)sr1 |
Cisco Unified Communications Manager Session Management Edition | =5.1(2b) |
Cisco Unified Communications Manager Session Management Edition | =6.1 |
Cisco Unified Communications Manager Session Management Edition | =4.2 |
Cisco Unified Communications Manager Session Management Edition | =4.3 |
Cisco Unified Communications Manager Session Management Edition | =6.1(3) |
Cisco Unified Communications Manager Session Management Edition | =6.1(1) |
Cisco Unified Communications Manager Session Management Edition | =5.1(3d) |
Cisco Unified Communications Manager Session Management Edition | =4.2(3)sr1 |
Cisco Unified Communications Manager Session Management Edition | =4.3(1)sr.1 |
Cisco Unified Communications Manager Session Management Edition | =7.0(1) |
Cisco Unified Communications Manager Session Management Edition | =4.2(3)sr4 |
Cisco Unified Communications Manager Session Management Edition | =5.1(3) |
Cisco Unified Communications Manager Session Management Edition | =4.1 |
Cisco Unified Communications Manager Session Management Edition | =6.0(1a) |
Cisco Unified Communications Manager Session Management Edition | =5.1(1) |
Cisco Unified Communications Manager Session Management Edition | =7.0 |
Cisco Unified Communications Manager Session Management Edition | =4.3(2) |
Cisco Unified Communications Manager Session Management Edition | =6.1(2)su1 |
Cisco Unified Communications Manager Session Management Edition | =5.1(3a) |
Cisco Unified Communications Manager Session Management Edition | =6.0 |
Cisco Unified Communications Manager Session Management Edition | =4.2(3)sr3 |
Cisco Unified Communications Manager Session Management Edition | =6.1(1a) |
CVE-2009-0632 is rated as a medium severity vulnerability due to its potential to expose sensitive credentials.
To fix CVE-2009-0632, upgrade to a patched version of Cisco Unified Communications Manager as specified in the security advisory.
CVE-2009-0632 exposes privileged directory-service account credentials, which can lead to unauthorized access.
CVE-2009-0632 affects multiple versions of Cisco Unified Communications Manager, specifically versions prior to 4.2(3)SR4b, 4.3(2)SR1b, 5.1(3e), and others listed in the advisory.
The CVE-2009-0632 vulnerability affects the IP Phone Personal Address Book (PAB) Synchronizer feature of Cisco Unified Communications Manager.
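The CVE description above gives the fixed release per CUCM train (4.2(3)SR4b, 4.3(2)SR1b, 5.1(3e), 6.1(3), 7.0(2), with all of 4.1 affected). The following is an added example, not part of this advisory or of any Cisco tool: it parses CUCM version strings of the form used in this page (`4.2(3)SR4b`, `6.1(2)su1`, `4.3(1)sr.1`) and checks a constructed inventory against those ranges so a defender can find hosts still running an affected build. The letter and SR/SU ordering rules in the parser are assumptions, not something the advisory states.

```python
import re
from typing import Tuple

# Matches CUCM version strings as written in this advisory, e.g. "4.2(3)SR4b",
# "5.1(3e)", "6.1(2)su1", "4.3(1)sr.1" or a bare train such as "4.1".
_VERSION_RE = re.compile(
    r"^(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:\((?P<rel>\d+)(?P<rel_letter>[a-z]?)\))?"
    r"(?:\s*(?:sr|su)\.?(?P<sr>\d+)(?P<sr_letter>[a-z]?))?$",
    re.IGNORECASE,
)

def parse_version(text: str) -> Tuple[int, int, int, int, int, int]:
    """Turn a CUCM version string into a tuple that compares in release order.

    Assumption (not stated by the advisory): a trailing letter sorts after the
    bare number (3 < 3a < 3b), and SR/SU numbers are compared the same way.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised CUCM version: {text!r}")
    rank = lambda s: (ord(s.lower()) - ord("a") + 1) if s else 0
    return (int(m["major"]), int(m["minor"]),
            int(m["rel"] or 0), rank(m["rel_letter"]),
            int(m["sr"] or 0), rank(m["sr_letter"]))

# Affected trains from the CVE text: (major, minor or None = any minor) -> first
# fixed version, or None where the description names no fixed release (all of 4.1).
AFFECTED_TRAINS = [
    ((4, 1), None),
    ((4, 2), "4.2(3)SR4b"),
    ((4, 3), "4.3(2)SR1b"),
    ((5, None), "5.1(3e)"),
    ((6, None), "6.1(3)"),
    ((7, 0), "7.0(2)"),
]

def assess(version: str) -> str:
    """Return 'affected', 'fixed' or 'unknown' (train not covered by the description)."""
    v = parse_version(version)
    for (major, minor), fixed in AFFECTED_TRAINS:
        if v[0] == major and (minor is None or v[1] == minor):
            if fixed is None or v < parse_version(fixed):
                return "affected"
            return "fixed"
    return "unknown"

if __name__ == "__main__":
    # Constructed inventory, not real hosts: (hostname, reported CUCM version).
    inventory = [("cucm-a", "4.2(3)sr2b"), ("cucm-b", "6.1(2)su1"),
                 ("cucm-c", "7.0(2)"), ("cucm-d", "7.1(2)")]
    for host, ver in inventory:
        print(f"{host:8} {ver:12} {assess(ver)}")
```

Hosts reported as "unknown" are on a train the description does not cover and should be checked against the vendor advisory rather than assumed clean.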