"Cisco Patches High-Severity Vulnerabilities in Enterprise Applications"

Cisco recently announced security updates for several enterprise applications to patch high-severity vulnerabilities leading to privilege escalation, SQL injection, directory traversal, and denial-of-service (DoS).  The most severe of these impacts the web management interface of Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).  The bug is tracked as CVE-2023-20211 (CVSS score of 8.1), and is described as an improper validation of user-supplied input that could allow a remote, authenticated attacker to perform an SQL injection attack.  Cisco noted that an attacker could exploit this vulnerability by authenticating to the application as a user with read-only or higher privileges and sending crafted HTTP requests to an affected system.  A successful exploit could allow the attacker to read or modify data in the underlying database or elevate their privileges.  Cisco addressed the flaw with the release of Unified CM and Unified CM SME versions 12.5(1)SU8 and also released a patch file for version 14 of the applications.  Cisco warned that proof-of-concept (PoC) exploit code targeting the vulnerability has been released.  Cisco also announced patches for CVE-2023-20224, an elevation of privilege bug in the ThousandEyes Enterprise Agent, Virtual Appliance installation type.  Also rooted in the insufficient input validation of user-supplied input, Cisco noted that the issue could allow an attacker to authenticate to an affected device via crafted commands.  The attacker could then execute commands with root privileges.  Cisco pointed out that the attacker must have valid credentials to exploit this vulnerability.  The bug was addressed in ThousandEyes Enterprise Agent version 0.230.  The article continues to talk about the other vulnerabilities Cisco patched. 
 

SecurityWeek reports: "Cisco Patches High-Severity Vulnerabilities in Enterprise Applications"