Multiple Cisco Contact Center Products Vulnerabilities
TL;DR 📌
Multiple vulnerabilities have been identified in Cisco Contact Center products, allowing authenticated attackers to potentially disclose sensitive information, execute arbitrary commands, and elevate privileges. The highest CVSS score is 6.5, indicating a medium risk. Users are advised to upgrade to fixed software releases as there are no available workarounds.
What happened 🕵️♂️
Cisco has disclosed multiple vulnerabilities affecting its Contact Center products, including Cisco Unified Contact Center Express (Unified CCX), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC). These vulnerabilities can be exploited by authenticated remote attackers to disclose sensitive information, upload and execute arbitrary files, and elevate privileges to root. Successful exploitation requires valid user credentials.
Affected products 🖥️
The vulnerabilities affect the following products:
- Cisco Unified Contact Center Express (Unified CCX)
- Cisco Unified Contact Center Enterprise (Unified CCE)
- Cisco Packaged Contact Center Enterprise (Packaged CCE)
- Cisco Unified Intelligence Center (CUIC)
Fixed software 🔧
Upgrade to the first fixed release in your train (or later):
| Release / Product | First Fixed Release | Notes |
|---|---|---|
| 15.0 | 15.0 ES01 | |
| 12.6 and earlier | Migrate to a fixed release. | |
| 15.0 | 15.0(01) ES202508 | |
| 1.0 | Initial public release. | |
| Cisco Unified CCX | 12.5 SU3 ES07 | 12.5 SU3 and earlier |
| Cisco Unified CCX | 15.0 ES01 | 15.0 |
| Cisco Unified Intelligence Center | Migrate to a fixed release | 12.6 and earlier |
| Cisco Unified Intelligence Center | 15.0(01) ES202508 | 15.0 |
Workarounds 🧯
There are no workarounds available for these vulnerabilities.
Risk in context 🎯
The vulnerabilities present a medium risk (CVSS score of 6.5) primarily due to the requirement for valid credentials to exploit them. This means that while the attack surface is limited to authenticated users, the potential for sensitive data exposure and system compromise remains significant. Organizations using the affected Cisco products should prioritize upgrading to the fixed software releases to mitigate these risks.
Fast facts ⚡
- Highest CVSS Score: 6.5 (Medium)
- Attack Vector: Requires authenticated access
- Exploitation Impact: Sensitive information disclosure, arbitrary file upload, remote code execution, privilege escalation
- Workarounds: None available
For leadership 🧭
Cisco has identified multiple vulnerabilities in its Contact Center products, rated as medium risk (CVSS 6.5). These vulnerabilities require valid credentials for exploitation, limiting exposure primarily to authenticated users. However, the potential for sensitive data compromise and system control is significant.
Remediation ask: Upgrade to fixed software releases within 30 days to mitigate risks.
Operational impact: Expect a brief maintenance window with no anticipated configuration drift.
Now / Next / Later:
- Now: Review affected products and assess current software versions.
- Next: Plan and schedule upgrades to the fixed releases.
- Later: Monitor for any further advisories or updates from Cisco regarding these vulnerabilities.