Cisco UC Disaster Recovery Framework Command Execution Vulnerability

Cisco UC Disaster Recovery Framework Command Execution Vulnerability

Rated as : Critical Remotely Exploitable : YesLocally Exploitable : YesRelease Date : 2008-04-03

A vulnerability has been identified in various Cisco products, which could be exploited by remote attackers to cause a denial of service, disclose sensitive information, or take complete control of an affected system. This issue is caused by a design error in the Disaster Recovery Framework (DRF) Master server that does not perform authentication on requests received over the network, which could be exploited by remote unauthenticated attackers to perform DRF-related tasks and create a denial of service condition, obtain sensitive configuration information, overwrite configuration parameters, or execute arbitrary commands with full administrative privileges.   CreditsVulnerability reported by VoIPshield Systems.

Döküman Arama

Başlık :

Kapat