
Cisco Updates

Classification
These posts contain security alerts, including digital loopholes, electronic attacks, and technical updates, and they are classified based on the level of severity.

Critical

High

Medium

Low

Warning Date: 23 January, 2020

Severity Level: High

Warning Number: 2020-835

Target Sector: All

Description:

Cisco has released security updates to address multiple vulnerabilities in the following products:

  • Cisco Unified Communications Manager (UCM)
    • 10.5(2)(SU9), 11.5(1)(SU6), 12.0(1)(SU3), 12.5(1)(SU1) and earlier
    • Releases prior to 11.5(1)
  • Cisco Hosted Collaboration Mediation Fulfillment (HCM-F)
    • Releases prior to 12.5(1)
  • Cisco IOS XR Software - Border Gateway Protocol (BGP) - Ethernet VPN (EVPN)
    • 32-bit and 64-bit
    • Earlier than 6.6.3, 7.0.2, 7.1.1, 7.2.1
    • Later than 6.6.1
  • Cisco Small Business Smart and Managed Switches firmware release earlier than 2.5.0.90
    • 250 Series Smart Switches
    • 350 Series Managed Switches
    • 550X Series Stackable Managed Switches
  • Cisco SD-WAN vManage
    • Releases prior to 18.3.0
    • Releases prior to 19.1.0
    • Releases prior to 17.2.0
    • Release 18.4.1
  • Cisco Unity Connection
    • Releases prior to 12.5 SU2
  • Cisco Umbrella Roaming Client - Windows
    • Release 2.2.238
  • Cisco AsyncOS for Cisco Web Security Appliance (WSA) - API Framework
    • Releases prior to 11.8.0-382
  • Cisco Content Security Management Appliance (SMA) - API Framework
    • Releases prior to 13.0.0-187
  • Cisco Unity Connection
    • Releases prior to Release 11.5SU7 and 12.5SU2
  • Cisco Email Security Appliance
    • Releases prior to Release 13.0
  • Cisco Application Policy Infrastructure Controller (APIC)
    • Releases prior to the first fixed software Release 4.2(3j)
  • Cisco Jabber Guest
    • Release 11.1(2) and earlier
  • Cisco Webex Teams client – Windows
    • Release 3.0.13131
  • Cisco Smart Software Manager On-Prem
    • Releases prior to 7-201910
  • Cisco IOS XE SD-WAN
    • Release 16.11 and earlier
  • Cisco TelePresence Collaboration Endpoint (CE) Software:
  • Cisco TelePresence Codec (TC) Software:
  • Cisco RoomOS Software:
    • Cisco TelePresence Integrator C Series
    • Cisco TelePresence MX Series
    • Cisco TelePresence SX Series
    • Cisco TelePresence System EX Series
    • Cisco Webex Board
    • Cisco Webex DX Series
    • Cisco Webex Room Series
  • Cisco Firepower Management Center (FMC)

Threats:

A remote attacker could exploit these vulnerabilities by doing the following:

  • Accessing the interface of UCM and viewing restricted portions of the software configuration.
  • Cross-site scripting (XSS) attack in:
    • Cisco Small Business Smart and Managed Switches
    • Cisco Unity Connection
    • Cisco Jabber Guest
    • Cisco Email Security Appliance
  • Sending BGP update messages that include a specific, malformed attribute to Cisco IOS XR Software; processing the attribute causes the BGP process to restart unexpectedly, resulting in a DoS condition.
  • Inject and execute arbitrary commands with vmanage user privileges in Cisco SD-WAN vManage.
  • Modify entries in some database tables, affecting the integrity of the data.
  • Bypass configured policy and install unapproved applications.
  • Overwrite files in Cisco Unity Connection.
  • Cross-site request forgery (CSRF) attack in UCM.
  • Bypass configured IP table rules that drop specific IP port traffic in APIC.
  • Elevate privileges to root-level privileges in Cisco SD-WAN vManage.
  • Denial of service (DoS) attack.
  • Execute arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review the Cisco security advisories and apply the necessary updates.

Last updated at 23 January, 2020
