Cisco Call Manager Vulnerability…

A recent article in The Hacker News (THN) discusses a brute force vulnerability in the Cisco Call Manager, also known as the Unified Communications Manager, identified by Roberto Suggi Liverani. He is the founder of the OWASP (Open Web Application Security Project) New Zealand chapter. In his blog he details the vulnerability and gives proof of concept examples. He states:

“During a security review, I have found a quick way to perform PIN brute force attack against accounts registered with a Cisco Unified Communications Manager (Call Manager).”

For those not familiar with all Manager, this gives some interesting insight into how the Cisco VoIP system works between the manager and the phone…

Tagged , , , , , , , , , , , , , , ,
%d bloggers like this: