Threat Level: green Handler on Duty: Kevin Liston

SANS ISC: Cisco Unified Videoconferencing Affected by Multiple Vulnerabilities - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco Unified Videoconferencing Affected by Multiple Vulnerabilities

Multiple vulnerabilities have been reported in Cisco Unified Videoconferencing (Cisco UVC) 5100 series which also impact Cisco Unified Videoconferencing 5200 and 3500 Series.[1]


There is currently no fixes for these vulnerabilities and Cisco recommends "limiting access to Cisco UVC web server to trusted hosts by disabling FTP, SSH, and Telnet services and by setting the "Security mode" field in the "Security" section of the Cisco UVC web GUI to Maximum."

The complete list of affected products/versions, including detailed information about the vulnerabilities can be found here.

[1] http://www.cisco.com/warp/public/707/cisco-sr-20101117-cuvc.shtml


-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Guy

424 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!