‘Cisco Unified Contact Center Express Vulnerabilities’
‘The original article can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2f110.shtml‘
* Cisco UCCX versions 5.x, 6.x, and 7.x
* Cisco Customer Response Solution (CRS) versions 5.x, 6.x, and 7.x
* Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR) versions 5.x, 6.x, and 7.x
A DoS vulnerability exists in the computer telephony integration (CTI) server component of the Cisco UCCX product. The CTI server is only started when the Integrated Call Distribution (ICD) license is enabled, Cisco Unified IP Interactive Voice Response (Cisco Unified IP IVR) deployments are not affected by the CTI server DoS vulnerability. The CTI server listens by default on TCP port 42027, although the port number can be changed in the System Port Parameters screen. This vulnerability is triggered by malformed CTI messages addressed to the vulnerable systems that could cause the CTI server and the Cisco Unified CCX Node Manager to fail, and all active agents will be logged out. The DoS condition will be temporal and the Cisco UCCX system will become operational again once the node manager and the CTI server complete their automatic restart.
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
There are no workarounds for these vulnerabilities. Additional mitigations that can be deployed on Cisco devices in the network are available in the Cisco Applied Mitigation Bulletin companion document for this advisory, which is available at the following link: http://www.cisco.com/warp/public/707/cisco-amb-20100609-uccx.shtml.
2010-June-09: Initial public release.’