CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
78.2%
According to its self-reported version, the Cisco Unified Communications Manager IM and Presence Server installed on the remote host is affected by a user enumeration vulnerability due to improper sanitation of returned messages. An attacker can exploit this vulnerability by sending a series of specially crafted URL requests to obtain information regarding valid user accounts.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(80460);
script_version("1.5");
script_cvs_date("Date: 2018/11/15 20:50:20");
script_cve_id("CVE-2014-8000");
script_bugtraq_id(71173);
script_xref(name:"CISCO-BUG-ID", value:"CSCur63497");
script_name(english:"Cisco Unified Communications Manager IM and Presence Service Enumeration Vulnerability (CSCur63497)");
script_summary(english:"Checks the CUPS version.");
script_set_attribute(attribute:"synopsis", value:"The remote host is missing a vendor-supplied security patch.");
script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Cisco Unified
Communications Manager IM and Presence Server installed on the remote
host is affected by a user enumeration vulnerability due to improper
sanitation of returned messages. An attacker can exploit this
vulnerability by sending a series of specially crafted URL requests to
obtain information regarding valid user accounts.");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewAlert.x?alertId=36467");
# https://tools.cisco.com/security/center/viewAlert.x?alertId=36467
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?011ba5a3");
script_set_attribute(attribute:"solution", value:"Upgrade to Cisco Unified Presence Server 9.1(1.61900.7) or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/11/19");
script_set_attribute(attribute:"patch_publication_date", value:"2014/11/19");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/12");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_communications_manager_im_and_presence_service");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_communications_manager");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_presence_server");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/UCOS/Cisco Unified Presence/version");
exit(0);
}
include("audit.inc");
include("cisco_func.inc");
display_version = get_kb_item_or_exit('Host/UCOS/Cisco Unified Presence/version');
match = eregmatch(string:display_version, pattern:'^([0-9.]+(?:-[0-9]+)?)($|[^0-9])');
if (isnull(match)) audit(AUDIT_FN_FAIL, 'eregmatch');
else version = str_replace(string:match[1], find:"-", replace:".");
# Fix_disp version formatted to be consistent with display_version
# for consistency in report
fix = '9.1.1.61900.7';
fix_disp = '9.1.1.61900-7';
if (
version =~ "^9\.1\.1([^0-9]|$)" &&
cisco_gen_ver_compare(a:version, b:fix) == -1
)
{
if (report_verbosity > 0)
{
report =
'\n Installed version : ' + display_version +
'\n Fixed version : ' + fix_disp +
'\n';
security_warning(port:0, extra:report);
}
else security_warning(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, 'CUPS', display_version);