Cisco CallManager Express Unauthorized Access Vulnerability
A vulnerability in Cisco IOS Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls.The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could exploit this vulnerability to place unauthorized, long-distance phone calls by using an affected system.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2p5PYOn
A vulnerability in Cisco IOS Software for Cisco CallManager Express (CME) could allow an unauthenticated, remote attacker to make unauthorized phone calls.The vulnerability is due to a configuration restriction in the toll-fraud protections component of the affected software. An attacker could exploit this vulnerability to place unauthorized, long-distance phone calls by using an affected system.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2p5PYOn
Security Impact Rating: Medium
CVE: CVE-2017-6624
from Cisco Security Advisory http://ift.tt/2p5PYOn