Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability
Description
Cisco Finesse, VVB, and Unified CVP allow unauthenticated access to the OpenSocial Gadget Editor, risking information disclosure and XML file creation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
An unauthenticated, remote attacker can access the OpenSocial Gadget Editor in the web management interface of Cisco Finesse (releases earlier than 12.0(1) ES3 and 12.5(1)), Cisco Virtualized Voice Browser (VVB, releases earlier than 12.6(1)), and Cisco Unified Customer Voice Portal (CVP, releases 12.6(2) ES4 through 12.6(2) ES17) [1]. The vulnerability is due to missing authentication for a specific section of the web-based management interface [1].
Exploitation
An attacker can exploit this vulnerability by accessing a crafted URL without providing valid user credentials [1]. No authentication or prior access is required [1]. The attack is remote and does not require user interaction [1].
Impact
Successful exploitation allows the attacker to obtain access to the OpenSocial Gadget Editor [1]. Using this access, the attacker could obtain potentially confidential information and create arbitrary XML files [1]. The impact is limited to information disclosure and unauthorized file creation within the Gadget Editor functionality [1].
Mitigation
Cisco has released software updates that address this vulnerability; there are no workarounds [1]. The fixed versions are: Cisco Finesse 12.0(1) ES3 and later, 12.5(1) and later; Cisco VVB 12.6(1) and later; Cisco Unified CVP releases beyond 12.6(2) ES17 [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: 12.6(2)_ES4