J-Security Center

Title: Cisco Unity Default User Accounts and IP Addresses Multiple Vulnerabilities

Severity: HIGH

Description:

Unity is a Cisco software product designed to unify voice message, fax, and e-mail into a user's inbox.

Multiple vulnerabilities have been identified in Cisco Unity running on IBM servers. It has been reported that vulnerable systems contain default user accounts and default IP addresses that could be used by an attacker to gain unauthorized access.

The following specific issues have been identified:

A local user account with 'log on locally' rights named "bubba" may be present on the system. Remote attackers who are aware of the default account may use it to gain unauthorized access to the vulnerable system.

It has been reported that upon installation, the RAID Management service attempts to establish a TCP session with a RAID server address embedded in the RaidNLst.ser file, which is stored in the C:\Program Files\RaidMan directory. This address was used during testing of the application and was left in the shipped file. As a result, the system opens TCP port 34571 and listens for remote connections. This vulnerability may allow a remote attacker to gain access to a vulnerable system via this open port.

The Cisco Unity Server is configured to obtain an IP address from a DHCP server upon installation. If no local DHCP server exists, the vulnerable system repeatedly sends packets to a DHCP server address specified by the manufacturer during testing. The server stops contacting that default address only once a local DHCP server is identified or a static entry for a local DHCP server is configured.
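The three indicators above can be checked on a host with standard Windows tools. The following script is an added example for this advisory, not Cisco's or Juniper's code: it parses the output of `net user` and `netstat -an` (constructed sample output is embedded so it runs offline), looks for the "bubba" account and a listener on TCP port 34571, and reports whether the RaidNLst.ser file is present under the RaidMan directory. The command names are real Windows tools; the sample output is constructed, and the exact column layout may differ between Windows versions. The DHCP indicator is not covered here because the advisory does not give the manufacturer's DHCP address; a packet capture for DHCP traffic sent to an unexpected unicast address is the practical check for that one.

```python
"""Audit helpers for the Cisco Unity default-account and RaidMan listener indicators.

Added example for this advisory (not vendor code). It parses `net user` and
`netstat -an` output and checks for the RaidNLst.ser file. Sample command
output below is constructed for the offline run.
"""
import os
import re
import subprocess
import sys

DEFAULT_ACCOUNT = "bubba"          # default local account named in the advisory
RAIDMAN_PORT = 34571               # TCP port opened by the RAID Management service
RAIDMAN_FILE = r"C:\Program Files\RaidMan\RaidNLst.ser"

# Constructed sample of `net user` output: account names are listed in columns
# below the dashed separator, terminated by "The command completed successfully."
SAMPLE_NET_USER = """\
User accounts for \\\\UNITY01

-------------------------------------------------------------------------------
Administrator            bubba                    Guest
UnityAdmin
The command completed successfully.
"""

# Constructed sample of `netstat -an` output with the RaidMan listener present.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:34571          0.0.0.0:0              LISTENING
  TCP    10.0.0.5:139           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:68             *:*
"""


def parse_net_user(output: str) -> list[str]:
    """Return the account names listed by `net user`."""
    names = []
    in_table = False
    for line in output.splitlines():
        if line.startswith("----"):
            in_table = True
            continue
        if not in_table:
            continue
        if line.startswith("The command completed"):
            break
        names.extend(line.split())
    return names


def parse_listeners(output: str) -> set[int]:
    """Return the local TCP ports in LISTENING state from `netstat -an`."""
    ports = set()
    pattern = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING", re.IGNORECASE)
    for line in output.splitlines():
        m = pattern.match(line)
        if m:
            ports.add(int(m.group(1)))
    return ports


def audit(net_user_output: str, netstat_output: str, raidman_file_present: bool) -> list[str]:
    """Map the advisory's indicators onto a list of findings (empty list = clean)."""
    findings = []
    if any(a.lower() == DEFAULT_ACCOUNT for a in parse_net_user(net_user_output)):
        findings.append(f"default local account '{DEFAULT_ACCOUNT}' present")
    if RAIDMAN_PORT in parse_listeners(netstat_output):
        findings.append(f"TCP port {RAIDMAN_PORT} is listening (RAID Management service)")
    if raidman_file_present:
        findings.append(f"{RAIDMAN_FILE} present; review the embedded RAID server address")
    return findings


def run_live_audit() -> list[str]:
    """Collect real command output on a Windows host (assumes net/netstat are on PATH)."""
    net_user = subprocess.run(["net", "user"], capture_output=True, text=True).stdout
    netstat = subprocess.run(["netstat", "-an"], capture_output=True, text=True).stdout
    return audit(net_user, netstat, os.path.exists(RAIDMAN_FILE))


if __name__ == "__main__":
    if sys.platform == "win32":
        results = run_live_audit()
    else:
        # Offline demonstration against the constructed samples.
        results = audit(SAMPLE_NET_USER, SAMPLE_NETSTAT, True)
    for finding in results or ["no indicators found"]:
        print(finding)
```

Run on the affected host it reports the live findings; elsewhere it runs against the constructed samples, which flag all three indicators. Remediation follows the findings directly: remove or disable the account, stop and disable the RAID Management service (or replace the embedded address with a valid local one), and configure a local DHCP server or a static address.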

These issues are only present on Unity installation disks with specific part numbers. Part numbers on disks containing these issues are as follows:

  • 80-7111-01 for the UNITY-SVRX255-1A
  • 80-7112-01 for the UNITY-SVRX255-2A

Affected Products:

  • Cisco 80-7111-01 for the UNITY-SVRX255-1A 0.0.0
  • Cisco 80-7112-01 for the UNITY-SVRX255-2A 0.0.0
  • Cisco Unity Server 0.0.0
  • Cisco Unity Server 2.0.0
  • Cisco Unity Server 2.1.0
  • Cisco Unity Server 2.2.0
  • Cisco Unity Server 2.3.0
  • Cisco Unity Server 2.4.0
  • Cisco Unity Server 2.46.0
  • Cisco Unity Server 3.0.0
  • Cisco Unity Server 3.1.0
  • Cisco Unity Server 3.2.0
  • Cisco Unity Server 3.3.0
  • Cisco Unity Server 4.0.0
