Cisco Voice OS未授权访问漏洞(CVE-2017-12337)
受影响系统:
Cisco Unified Communications Manager
Cisco Social Miner
Cisco Voice OS
描述:BUGTRAQ ID: 101865
CVE(CAN) ID: CVE-2017-12337
Cisco Voice OS是思科语音解决方案操作系统。
Cisco Voice OS平台上的协作产品升级机制存在安全漏洞,可使未经身份验证的远程攻击者获取提升的访问。
<*来源:Quentin Rhoads-Herrera
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos
*>
建议:厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20171115-vos)以及相应补丁:
cisco-sa-20171115-vos:Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos