| The name of the base system (platform): | Cisco Unified Communication Manager (CUCM) |
| Developers: | Cisco Systems |
| Last Release Date: | July 2012 |
| Technology: | IP-telephony |
History
2026: Attackers were able to infiltrate Cisco's unified communications system
On the twentieth of January, FSTEC warned of the discovery of a critical vulnerability, BDU:2026-00706[1], in the following Cisco systems: the call processing systems Unified Communications Manager (CUCM) and Unified Communications Manager IM & Presence Service (Unified CM IM&P), the IP telephony management system Unified Communications Manager Session Management Edition (SME), the Unified Instance web messaging platform and cloud-based communication platform. The danger level is given as 9.8, and an exploit exists for the flaw.
Fixes have been released for the vulnerability, and FSTEC recommends that users install them as quickly as possible. The manufacturer has released fixes only for versions 14 and 15 of its products: 14SU5 and 15SU4, respectively. However, there are also sets of updates for each version that fix the error as well. Users of version 12.5 are advised to upgrade to a version for which patches have been published.
Cisco Unified Communications is Cisco's unified communications system, a suite of voice, data, and video products and applications. They allow employees to communicate with each other in real time and exchange information through multimedia communication channels, for example, a video telephony system, audio and web conferences, an IP telephony system, a voice and e-mail messaging system, facsimile communication, and so on. At the same time, they are based on standard web technologies, which makes them open to techniques characteristic of attacks on web applications.
In particular, the BDU:2026-00706 vulnerability is an operating system command injection caused by improper control of code generation (CWE-94). The vulnerability is related to incorrect validation of user data in HTTP requests. An attacker can exploit it by sending a special sequence of HTTP requests that gives access to the underlying operating system.
| "The vulnerability lies in incorrect validation of input data provided by the user in HTTP requests," Dmitry Chindyaskin, deputy technical director of Softline Solutions, explained to TAdviser readers the specifics of exploiting the vulnerability. "Using this vulnerability, an attacker can gain access to the operating system and then raise his privileges to administrative." |
Having gained access to the system, the attacker, according to the expert, can completely paralyze the unified communications system and thereby cause significant damage to the business. In addition, the bug allows an attacker to override configurations, obtain and use the contact database, and perform other malicious actions using business-sensitive data.
| "It is known that the vulnerability is actively exploited by cybercriminals; accordingly, companies using this control system need to update the software as soon as possible," Alexander Kolesov, head of development and research at Bastion, warned Russian users of the product. "The number of products exposed to the vulnerability is large. Some of them are often found during external pentests. To exploit it, you need to know the path where it is implemented, and also check that the control panel of devices/systems affected by the vulnerability is available from the Internet." |
Cisco's advisory states that there are no compensating measures, but FSTEC suggests that users who cannot access the updates do the following:
- Use a web application firewall (WAF) to filter HTTP requests;
- Segment networks to restrict access to systems from other subnets;
- Configure an intrusion detection and prevention system to detect, log and respond to attempts to exploit the vulnerability;
- Restrict access to vulnerable systems from external networks.
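An added example, not from the original article or from Cisco or FSTEC: one way to prioritise the measures above is to triage an inventory by release and by whether the web interface accepts sources outside trusted ranges. The host names, release labels, ACL entries and `TRUSTED` ranges are constructed assumptions; only the fixed releases 14SU5 and 15SU4 and the 12.5 upgrade advice come from the text.

```python
import ipaddress
import re

# Fixed releases named in the text above: 14SU5 and 15SU4.
FIXED_SU = {"14": 5, "15": 4}
# Assumption: address space this organisation treats as internal.
TRUSTED = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

def patch_state(release):
    """Classify a release label written like '14SU3' (constructed label style)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)?)(?:SU(\d+))?", release.replace(" ", "").upper())
    if not m:
        return "unknown"
    train, su = m.group(1), int(m.group(2) or 0)
    if train in FIXED_SU:
        # Assumption: service updates after the fixed one keep the fix.
        return "fixed" if su >= FIXED_SU[train] else "update"
    if train == "12.5":
        return "upgrade"  # text: move to a version with a published patch
    return "unknown"

def externally_reachable(allowed_sources):
    """True if any permitted source network lies outside the trusted ranges."""
    for cidr in allowed_sources:
        net = ipaddress.ip_network(cidr)
        if not any(net.version == t.version and net.subnet_of(t) for t in TRUSTED):
            return True
    return False

def triage(inventory):
    """Return (host, state, exposed) tuples, most urgent first."""
    rows = [(h["host"], patch_state(h["release"]), externally_reachable(h["web_acl"]))
            for h in inventory]
    # Unfixed and exposed hosts sort first, fixed and internal-only last.
    return sorted(rows, key=lambda r: (r[1] == "fixed", not r[2], r[0]))

# Constructed sample inventory; hosts, releases and ACLs are illustrative only.
INVENTORY = [
    {"host": "cucm-a", "release": "14SU5", "web_acl": ["10.20.0.0/16"]},
    {"host": "cucm-b", "release": "14SU3", "web_acl": ["0.0.0.0/0"]},
    {"host": "cucm-c", "release": "12.5SU8", "web_acl": ["10.20.0.0/16"]},
    {"host": "cucm-d", "release": "15 SU4", "web_acl": ["192.168.5.0/24", "203.0.113.0/24"]},
]

if __name__ == "__main__":
    for host, state, exposed in triage(INVENTORY):
        print(f"{host:8} {state:8} {'EXTERNAL' if exposed else 'internal'}")
```

A host reported as `update` may already carry the per-version update set mentioned above, so confirm that on the system itself before closing the item.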
2025: Cisco Solution Reveals Vulnerability to Gain Full Control Over Contact Center Servers
In early November, FSTEC sent a warning about the discovery of a critical vulnerability, BDU:2025-13865[2], in the Cisco Unified Contact Center Enterprise (UCCE) contact center solution. The vulnerability was rated critical, at 9.8 (out of 10) on CVSS version 3, and has already been fixed by the manufacturer. FSTEC experts advise[3] owners of vulnerable solutions to promptly follow the manufacturer's recommendations and update Cisco contact centers to versions higher than 12.5 SU3 ES07 and 15.0 ES01.
Cisco UCCE is an integrated customer contact center management solution. It is positioned as a "contact center in a box" and designed for up to 400 agents. It can be integrated with Unified Communications Manager and Business Edition. It includes an intelligent call distribution system, interactive voice response (IVR), computer telephony integration (CTI), and applications for contact center operators and supervisors.
The vulnerability is related to the Java Remote Method Invocation (RMI) software interface, which can be used to force Cisco UCCE to perform an unrestricted upload of files of a dangerous type (CWE-434). However, the agency does not yet have information about its exploitation in the wild, and no exploit has been published for it.
| "The vulnerability allows an attacker to download a specially crafted file and execute arbitrary code with superuser rights on the server," Kirill Levkin, MD Audit project manager, explained to TAdviser the danger of the vulnerability. "This actually gives full control over the contact center server: access to call processing scenarios, customer databases and integrations with CRM, the ability to transfer traffic, covert installation of backdoors and further movement over the network." |
Attackers can organize an attack on a corporate contact center and through it penetrate the company's internal network. To protect against such an attack scenario, the expert recommends restricting access to RMI and administrative interfaces to trusted IP addresses or secure channels, isolating contact center servers from the rest of the network and enabling anomaly monitoring in security systems. The key task is to prevent unauthorized access. The contact center is often closely connected to CRM and other business systems, so even a single compromise can quickly develop into a large-scale incident.
2012: Cisco Unified Communications Manager Business Edition 6000 (Unified CMBE 6000)
In the summer of 2012, Cisco prepared an expanded version of the Unified Communications Manager Business Edition communication center (IP telephone exchange) for market launch. The Cisco BE 6000 is capable of serving from 100 to 1 thousand subscribers (1.2 thousand lines, 50 offices), which meets the needs of medium-sized businesses. Sales of the product in Russia are expected to begin in the fall of 2012.
"The Unified Communication Manager Business Edition hardware uses the same software core as CallManager solutions to maximize call processing for large corporations. The difference lies in the price optimized for medium-sized businesses, simplified operation of the system, as well as in the fewer subscribers served by one station," comments Pavel Teplov, Business Development Manager of Cisco's "Technologies for Collaboration" division in Russia/CIS.
Like the previously released Cisco BE 3000, Unified Communications Manager Business Edition 6000 supports analog, IP and video telephones, and allows software clients to be used for corporate communications (including the Cisco Jabber and Cisco WebEx multimedia and unified communications application families). The system also supports subscriber availability control (Presence), instant messaging, collaboration and conferencing on computers and laptops running Windows and Mac OS, on tablet devices and on smartphones.
The new solution makes it possible to deploy five virtual unified communications services on the basis of one platform: Unified Communications Manager (IP-PBX), Unity Connection (voice mail system), Unified Presence (subscriber availability control and instant messaging), Unified Contact Center Express (contact center for a maximum of 400 operators) and Provisioning Manager (tool for automating subscriber base management tasks).
The Unified Contact Center Express service, which allows contact center operators to work on the basis of the BE 6000, deserves special attention. The Cisco BE 6000 is ready to serve up to 100 call center operators, and if necessary, their number can be increased to 400 by using an additional server.
"According to global statistics, 80 percent of contact centers have less than 100 workplaces. Thus, the Cisco BE 6000 device can be used not only as a corporate IP-PBX, but also as a full-fledged contact center," − says Vladimir Dolgov, consulting engineer at Cisco Technologies for Collaboration in Russia/CIS.
2011: Cisco Unified Communications Manager Business Edition 3000 (Unified CMBE 3000)
The new IP telephone exchange Cisco Unified Communications Manager Business Edition 3000 (Unified CMBE 3000), designed for small and medium-sized businesses, entered the Russian market in November 2011. Up to 300 users and 10 offices can be connected to this device. It guarantees high-quality voice communication, has an expanded set of telephony functions, supports analog phones, allows employees' mobile phones to be used for corporate calls and includes two ports in the solution: E1 and SIP trunks.
By upgrading to the Cisco Unified CMBE 3000, enterprises will be able to ensure continuous availability of staff anywhere, improve customer service and satisfaction, and increase productivity by sharing information more quickly and accurately.
This solution includes built-in systems for scheduled, on-demand, and voice mail conferencing. It supports call parking, call transfer and hold, and transfer of calls to employees' mobile phones. The Cisco Unified CMBE 3000 is based on a specialized MCS 7890 device that provides centralized call processing in several offices and implements the functions of an automatic assistant (voice menu), mobility (including for organizing remote work and providing a single number), equipment status monitoring, backup and data recovery.
The Cisco Unified CMBE 3000 features maximum ease of management and speed of implementation. Administration is carried out through an intuitive web interface with a standard simple menu in Russian. Tasks such as configuring user and phone profiles, voice mail accounts, or even E1/SIP connections do not require special training. The solution is seamlessly integrated with personal computers, laptops, and IP softphones for PC and Mac.
