Cisco Unified Contact Center Enterprise Cloud Connect Insufficient Access Control Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.5 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE). This flaw could allow unauthenticated, remote attackers to read and modify data on affected devices. Cisco has released software updates to address this issue, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE) has been discovered. This issue arises from insufficient access controls, enabling unauthenticated remote attackers to send crafted TCP data to a specific port on affected devices. If successfully exploited, attackers could read or modify data on these devices.

Affected products 🖥️

At the time of publication, the vulnerability affects Cisco Unified CCE Cloud Connect, regardless of device configuration. Specific software releases that were vulnerable include:

  • Cisco Unified CCE Cloud Connect Release 12.6.2 (requires migration to a fixed release)
  • Cisco Unified CCE Cloud Connect Release 12.6.1 and earlier (not vulnerable)
  • Cisco Unified CCE Cloud Connect Release 15.0.1 (not vulnerable)

Fixed software 🔧

Upgrade to at least the first fixed release in your train (or later):

Product / Release Train First Fixed Release Notes
ISE / ISE-PIC 1.0 Initial public release.

Workarounds 🧯

There are no workarounds available to mitigate this vulnerability.

Risk in context 🎯

With a CVSS score of 6.5, this vulnerability is classified as medium severity. The potential for unauthorized data access and modification poses a significant risk to organizations using affected Cisco Unified CCE Cloud Connect systems. Immediate action is recommended to upgrade to a fixed release.

Fast facts ⚡

  • Advisory ID: cisco-sa-contcent-insuffacces-ArDOVhN8
  • CVSS Score: 6.5 (Medium)
  • Vulnerability Type: Insufficient Access Control
  • Exploitation: Unauthenticated remote attackers can exploit this vulnerability.

For leadership 🧭

This advisory highlights a critical need for timely software updates to protect against potential data breaches. Organizations should prioritize upgrading affected systems to mitigate risks associated with this vulnerability. Regularly reviewing security advisories and ensuring compliance with Cisco’s recommendations will help maintain the integrity and security of network operations.