Feeds

Running Cisco's VoIP manager? Four words you don't want to hear: 'Backdoor SSH root key'

Hardwired login in Unified Comms Domain Manager

Secure remote control for conventional and virtual desktops

Cisco has warned Unified Communications installations can be remotely hijacked by miscreants, thanks to a hardwired SSH private key.

In an advisory, the networking giant said unauthenticated attackers can log into its Unified Communications Domain Manager (Unified CDM) software as a root-level user by exploiting a default SSH key meant for Cisco support reps. The key is embedded in the software, and can be extracted by reverse engineering the Unified CDM's binary.

"This will allow the attacker to connect by using the support account to the system without requiring any form of authentication," Cisco warned.

"An exploit could allow the attacker to gain access to the system with the privileges of the root user."

The vulnerability is said to be present in all versions of Cisco Unified CDM prior to version 4.4.2. The Unified CDM is part of a package Cisco and OEMs offer for large-scale enterprise and service-provider unified communications systems. It's used to manage VoIP, corporate chat and similar things at big outfits.

Dr Johannes Ullrich of the Sans Institute said that the SSH flaw poses a particular threat as it leaves attackers with a backdoor to access vulnerable networks.

"Having the same key on all systems is mistake number one, but wouldn't be fatal if the secret key would have been tugged away in Cisco's special safe deposit box," Ullrich explained.

"Instead, they left the secret key on customer systems as well. So in other words: If you own one of the systems, you got the key to access all of them."

Ullrich advises that companies make sure their Unified CDM software is updated with a patch from Cisco, and in the meantime the flaw can be mitigated by filtering SSH access to at-risk systems.

The remaining two flaws in the advisory include an elevation of privilege vulnerability in the administration GUI, and a data manipulation vulnerability that could allow an attacker to remotely tamper with some user account settings. Those flaws can also be remedied by updating to the latest version of Unified CDM. ®

Intelligent flash storage arrays

More from The Register

next story
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
IBM, backing away from hardware? NEVER!
Don't be so sure, so-surers
Hey - who wants 4.8 TERABYTES almost AS FAST AS MEMORY?
China's Memblaze says they've got it in PCIe. Yow
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
This time it's SO REAL: Overcoming the open-source orgasm myth with TODO
If the web giants need it to work, hey, maybe it'll work
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
Storage array giants can use Azure to evacuate their back ends
Site Recovery can help to move snapshots around
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.