|
Cisco Voice Portal Privilege Escalation Vulnerability
|
|
Secunia Advisory:
|
SA30289
|
|
|
Release Date:
|
2008-05-22
|
|
Popularity:
|
1,063 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Privilege escalation
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Cisco Unified Customer Voice Portal 4.x
Cisco Unified Customer Voice Portal 7.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
|
| CVE reference: | CVE-2008-2053
|
|
Description:
A vulnerability has been reported in Cisco Voice Portal (CVP), which can be exploited by malicious users to gain escalated privileges.
The vulnerability is caused due to an unspecified error and can be exploited by a user with administrator privileges to create, modify, or delete a superuser account.
The vulnerability is reported in versions prior to 4.0(2)_ES14 for the 4.0.x release, 4.1(1)_ES11 for the 4.1.x release, and 7.0(1) for the 7.x release.
Solution:
CVP 4.0.x:
Update to 4.0(2)_ES14:
http://www.cisco.com/pcgi-bin/tablebuild.pl/36833091037661f49ad8152368c22bbf
CVP 4.1.x:
Update to 4.1(1)_ES11:
http://www.cisco.com/pcgi-bin/tablebuild.pl/946b57654c80187da8c3cfc0aa02866e
CVP 7.x:
Update to 7.0(1) or later.
Provided and/or discovered by:
Reported by the vendor.
Original Advisory:
http://www.cisco.com/warp/public/707/cisco-sa-20080521-cvp.shtml
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
