1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Cisco leaves key to all its Unified CDM systems under doormat

Discussion in 'Network World' started by RSS, Jul 3, 2015.

  1. RSS

    RSS New Member Member

    Cisco Systems recently realized that its Unified Communications Domain Manager (Unified CDM) software contains a default privileged account with a static password that cannot be changed, exposing the platform to hacking by remote attackers.

    The Cisco Unified CDM is part of the Cisco Hosted Collaboration System and provides automation and administrative functions for the Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Jabber applications, associated phones and software clients.

    The privileged account is created when Unified CDM is first installed and cannot be changed or removed without affecting the system’s functionality—although exactly how, Cisco didn’t say in its security advisory. The only solution, the company said, is to install the patches it released.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page