Cisco is warning customers of a couple of new medium-level security vulnerabilities.
The first is a bug in Cisco's Emergency Responder (CER) software, part of the company's Unified Communications System.
CER is a purpose-built module for emergency services customers, feeding the location of phones making incoming calls to the emergency service, and automatically tracking when the caller moves from one location to the other.
CER's Web framework code doesn't properly validate input parameters passed to the Web server, and that opens up the system to a cross-site scripting (XSS) attack.
“An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting malicious code. An exploit could allow the attacker to execute arbitrary code in the context of the affected site or allow the attacker to access sensitive browser-based information”, the advisory states.
The vulnerability applies only to Cisco Emergency Responder release 11.5(0.99833.5), and to date, the company hasn't yet released a fix.
The Borg also announced a denial-of-service vulnerability in its Industrial Ethernet 2000 switches: a crafted Cisco Discovery Protocol (CDP) packet forces a device reload.
This is, again, as-yet-unpatched, but you'll be pleased to know that it's not remotely exploitable. You have to be sending the bad packets from an adjacent device. ®