Cisco Security Advisory
Cisco Digital Media Manager Privilege Escalation Vulnerability
Click Icon to Copy Verbose Score
AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C
-
Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system.
Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share.
Cisco has released software updates that address this vulnerability.
There are no workarounds that mitigate this vulnerability.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120118-dmm.
-
Vulnerable Products
The following table indicates which versions of Cisco Digital Media Manager are affected by this vulnerability:
Version Affected prior to 5.2 YES 5.2.1 YES 5.2.1.1 YES 5.2.2 YES 5.2.2.1 NO 5.2.3 YES 5.3 NO
Note: Cisco Digital Media Manager versions prior to 5.2 reached end of software maintenance. Customers running versions prior to 5.2 should contact their Cisco support team for assistance in upgrading to a supported version of Cisco Digital Media Manager.
How To Determine The Software Version
To determine the Cisco Digital Media Manager software version that an appliance is running, administrators can access the Cisco Digital Media Manager web interface. The version information is reported under "Digital Media Manager" in the center of the page.
Optionally administrators can log in to the Appliance Administration Interface (AAI), and access the main menu. The software version is identified next to the Cisco Digital Media Manager field. The following example identifies a Digital Media Manager appliance running version 5.2.1
Cisco Digital Media Manager Application Administration Interface Main Menu IP: 192.168.0.1 Cisco Digital Media Manager 5.2.1 http://dmm.cisco.com:8080 SHOW_INFO Show system information. BACKUP_AND_RESTORE Back up and restore. APPLIANCE_CONTROL Configure advance options NETWORK_SETTINGS Configure network parameters. DATE_TIME_SETTINGS Configure date and time CERTIFICATE_MANAGEMENT Manage all certificates in the system < OK >Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by this vulnerability.
-
Cisco Digital Media Manager (DMM) is a centralized web-based platform used to manage Cisco media network hardware, software, and services. It allows users to remotely perform management tasks for Cisco Digital Signs, Cisco Cast, and Cisco Show and Share.
Cisco Digital Media Manager contains a vulnerability that may allow a remote, authenticated attacker to elevate privileges and obtain full access to the affected system.
The vulnerability is due to improper validation of unreferenced URLs, which may allow an unprivileged attacker to access administrative resources and elevate privileges. An authenticated attacker, could exploit this vulnerability by sending the unreferenced URL to the affected system.
Cisco Show and Share is not directly affected by this vulnerability. However, because Cisco Show and Share relies on Cisco Digital Media Manager for authentication services, attackers who compromise the Cisco Digital Media Manager may gain full access to Cisco Show and Share.
This vulnerability could be exploited over the Cisco Digital Media Manager management port TCP 8443.
This vulnerability is documented in Cisco bug ID CSCts63878 (registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2012-0329.
-
There are no workarounds that mitigate this vulnerability.
Additional mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120118-dmm
-
Cisco has released software updates that address this vulnerability.
The following table contains the remediation for each affected version of Cisco Digital Media Manager:
Version Remediation 5.2.1 Upgrade to 5.2.2.1 5.2.1.1 Upgrade to 5.2.2.1 5.2.2 Upgrade to 5.2.2.1 5.2.3 DMM523_PATCH-A.iso
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
-
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
This vulnerability was reported to Cisco by Anthony Towry.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
Show LessRevision 1.1
2012-January-19 Updated product descriptions in HTML header.
Revision 1.0
2012-January-18
Initial public release.
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.