| Jun 30, 2008 |
Cisco Releases Security Advisory Cisco has released a Security Advisory to address multiple vulnerabilities in the Unified Communications Manager. The first vulnerability is due to improper handling of malformed data in the Computer Telephony Integration Manager service. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition. The second vulnerability is due to improper access restrictions in the Real-Time Information Server Data Collector process. This vulnerability may allow an attacker to bypass security restrictions and obtain sensitive information which may be used for further attacks. US-CERT encourages users to review Cisco Security Advisory cicso-sa-20080625-cucm and apply any necessary updates or fixes. |