Attackers could target call centers that rely on Cisco Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM). There are also security updates for Enterprise Chat and Prime Access Registrar Appliance, among others.
Attacker as admin
The vulnerability (CVE-2022-20658) in Unified CCMP and Unified CCDM is identified as “critical” classified. In a warning message, Cisco carries out possible attacks: If attackers have advanced user credentials, they could target the vulnerability in the web-based management interface. Because there is no server-side validation of user rights, a crafted HTTP request can throw errors.
If everything works, attackers should be able to create admin accounts and use them to modify phone resources, among other things. According to the network supplier, version 12.6.1 is not affected. Expenditure 11.6.1 ES17, 12.0.1 ES5 and 12.5.1 ES5 are secured against such attacks.
The remaining gaps are with the threat level “medium“. After successful attacks, attackers could carry out XSS attacks on Prime Infrastructure or leak information from the Adaptive Security Device Manager.
Admins can find more information about the gaps and security updates in the warning messages linked below this message.
List sorted by threat level in descending order: