Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability.

ITS Advisory Number: 
2016-185
Date(s) Issued: 
Thursday, October 27, 2016
Subject: 
Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access Vulnerability.
Overview: 

The Cisco IP Interoperability and Collaboration System (IPICS) is an IP-based solution that offers comprehensive communication interoperability.  Using IPICS, dispatch and incident response personnel have the necessary tools to get the job done during mission-critical situations. The IPICS Server allows centralized management of network resources that include the Incident Management application and Policy Engine.

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable.

Systems Affected: 
  • This vulnerability affects Cisco IPICS releases 4.8(1) to 4.10(1).
RISK
GOVERNMENT
Large and medium government entities: 
High
Small government entities: 
High
BUSINESS
Large and medium business entities: 
High
Small business entities: 
High
Home Users: 
N/A
Description: 

A vulnerability in the interdevice communications interface of the Cisco IP Interoperability and Collaboration System (IPICS) Universal Media Services (UMS) could allow an unauthenticated, remote attacker to modify configuration parameters of the UMS and cause the system to become unavailable. The vulnerability is due to insufficient authentication for the interdevice communications interface access. An attacker could exploit this issue by accessing the interdevice communications interface and making changes to the UMS configuration, causing the system to become unavailable. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Determining the IPICS Software Release:

  • Open a web browser to your IPICS Admin Console, and observe the version shown on the title bar after you log in or log in to the IPICS Server console as root using SSH and run the versions command.

# versions

------------------------------------------------------------------------------

OS

------------------------------------------------------------------------------

Version        : Cisco IPICS Enterprise Linux Server release 4.5(1) Build

10p12

Built          : Mon Oct 06 2014 16:27:39 GMT

Installed      : Wed Dec 16 2015 18:57:53 GMT



------------------------------------------------------------------------------

IPICS-TOMCAT

------------------------------------------------------------------------------

Version   (RPM): 4.10(1)

Built     (RPM): Thu Jan 14 2016 04:00:07 GMT

Installed (RPM): Fri Jan 15 2016 23:23:17 GMT

Version   (WAR): 4.10(1)

Built     (WAR): Thu Jan 14 2016 12:00:00 GMT by dszarowi

Installed (WAR): Thu Jan 14 2016 12:01:41 GMT

Actions: 
  • After appropriate testing, install applicable updates provided by Cisco to the affected systems.
  • Verify no unauthorized system modifications have occurred on the system prior to applying the patch.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.