Unified SIP Phone 3905 Unauthorized Access

critical Nessus Plugin ID 72724

Synopsis

The remote IP telephony device is missing a vendor-supplied patch.

Description

According to its self-reported version, the version of the Cisco Unified IP Phone software running on the remote device has an undocumented test interface TCP service that could be accessed on port 7870. This service could allow unauthorized users to obtain remote root access on the device.

Solution

Apply the relevant update referenced in Cisco Security Advisory.

See Also

http://www.nessus.org/u?63e17001

Plugin Details

Severity: Critical

ID: 72724

File Name: cisco-sa-20140219-phone.nasl

Version: 1.5

Type: local

Family: CISCO

Published: 2/27/2014

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:cisco:unified_sip_phone_3905

Required KB Items: Settings/ParanoidReport, Host/Cisco/CNU-OS

Exploit Ease: No known exploits are available

Patch Publication Date: 10/22/2013

Vulnerability Publication Date: 2/19/2014

Reference Information

CVE: CVE-2014-0721

BID: 65663

CISCO-SA: cisco-sa-20140219-phone

CISCO-BUG-ID: CSCuh75574