Cisco warns of Unity bug
By Jim Duffy on Wed, 10/08/08 - 1:46pm.A bug in Cisco's Unity voice and unified messaging platform could allow an unauthenticated user to 
modify some of Unity's configuration parameters, warns Cisco in its advisory published today. The platform is configured by default for administrators to use Microsoft's Integrated Windows authentication method for authentication but Unity could be vulnerable if they are configured for anonymous authentication, says Cisco. Anonymous authentication is used when Cisco Unity servers are authenticated to the subscriber instead of Microsoft Windows. A workaround to this problem is available.
Products that could be affected by this bug are Unity versions 4.x, 5.x and 7.x, says Cisco.
Interesting reading:
How to transfer CUCM users to Unity voicemail
More Cisco security advisories
More from Cisco Subnet:
* Fake Cisco gear could be used to spy on the U.S.
* Could Nortel benefit from Cisco's learning curve?
* Fax server compatibility in Cisco UC networks
* How to transfer CUCM users to Unity voicemail
* Competition: Can you learn TCP/IP in 24 hours?
* 100GB Ethernet coming to your core?
* CCDE beta practical exam: Tough but not impossible
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
- About The Cisco Connection
The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
Follow Jim Duffy on Twitter
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise