Feeds

Running Cisco's VoIP manager? Four words you don't want to hear: 'Backdoor SSH root key'

Hardwired login in Unified Comms Domain Manager

Mobile application security vulnerability report

Cisco has warned Unified Communications installations can be remotely hijacked by miscreants, thanks to a hardwired SSH private key.

In an advisory, the networking giant said unauthenticated attackers can log into its Unified Communications Domain Manager (Unified CDM) software as a root-level user by exploiting a default SSH key meant for Cisco support reps. The key is embedded in the software, and can be extracted by reverse engineering the Unified CDM's binary.

"This will allow the attacker to connect by using the support account to the system without requiring any form of authentication," Cisco warned.

"An exploit could allow the attacker to gain access to the system with the privileges of the root user."

The vulnerability is said to be present in all versions of Cisco Unified CDM prior to version 4.4.2. The Unified CDM is part of a package Cisco and OEMs offer for large-scale enterprise and service-provider unified communications systems. It's used to manage VoIP, corporate chat and similar things at big outfits.

Dr Johannes Ullrich of the Sans Institute said that the SSH flaw poses a particular threat as it leaves attackers with a backdoor to access vulnerable networks.

"Having the same key on all systems is mistake number one, but wouldn't be fatal if the secret key would have been tugged away in Cisco's special safe deposit box," Ullrich explained.

"Instead, they left the secret key on customer systems as well. So in other words: If you own one of the systems, you got the key to access all of them."

Ullrich advises that companies make sure their Unified CDM software is updated with a patch from Cisco, and in the meantime the flaw can be mitigated by filtering SSH access to at-risk systems.

The remaining two flaws in the advisory include an elevation of privilege vulnerability in the administration GUI, and a data manipulation vulnerability that could allow an attacker to remotely tamper with some user account settings. Those flaws can also be remedied by updating to the latest version of Unified CDM. ®

Bridging the IT gap between rising business demands and ageing tools

More from The Register

next story
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Seagate chances ARM with NAS boxes for the SOHO crowd
There's an Atom-powered offering, too
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.