Guest

Preview Tool

Cisco Bug: CSCuq21158 - CUCDM: may be vulnerable to published vulnerabilities

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Hosted Collaboration Solution (HCS)

Known Affected Releases

10.1(1)

Description (partial)

Symptom:
Cisco Unified Communications Domain Manager includes a version of Mozilla NSS and Jinja2 that are affected by
the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2013-1620: The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider
timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC
padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via
statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. This has been
classified by the vendor as having a CVSSv2 score of 4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N)

CVE-2013-1739: Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are
initialized before read operations, which allows remote attackers to cause a denial of service or possibly
have unspecified other impact via vectors that trigger a decryption failure. This has been classified by the
vendor as having a CVSSv2 score of 5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P)

CVE-2013-1740: The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services
(NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof
SSL servers by using an arbitrary X.509 certificate during certain handshake traffic. This has been classified
by the vendor as having a CVSSv2 score of 5.8 (AV:N/AC:M/AU:N/C:P/I:P/A:N)

CVE-2013-1741: Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote
attackers to cause a denial of service or possibly have unspecified other impact via a large size value. This
has been classified by the vendor as having a CVSSv2 score of 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)

CVE-2013-5605: Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote
attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake
packets. This has been classified by the vendor as having a CVSSv2 score of 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)

CVE-2013-5606: The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services
(NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when
the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions
via a crafted certificate. This has been classified by the vendor as having a CVSSv2 score of 5.8
(AV:N/AC:M/AU:N/C:P/I:P/A:N)

CVE-2014-1492: The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking
implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is
embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof
SSL servers via a crafted certificate. This has been classified by the vendor as having a CVSSv2 score of 4.3
(AV:N/AC:M/AU:N/C:N/I:P/A:N)

CVE-2014-0012: FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create temporary directories, which
allows local users to gain privileges by pre-creating a temporary directory with a user's uid. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2014-1402. This has been classified by the vendor as
having a CVSSv2 score of 4.4 (AV:L/AC:M/AU:N/C:P/I:P/A:P)

CVE-2014-1402: The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not
properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a
name starting with __jinja2_ in /tmp. This has been classified by the vendor as having a CVSSv2 score of 4.4
(AV:L/AC:M/AU:N/C:P/I:P/A:P)


This bug was opened to address the potential impact on this product.

Conditions:
Running a version of Cisco Unified Communications Domain Manager prior to this bugfix
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.