Skip to main content

Cisco Releases Critical Security Update for Unified CCMP and Unified CCDM

Scheduled update addresses critical privilege escalation vulnerability in Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM)

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Scheduled update addresses critical privilege escalation vulnerability in Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM)


Threat details

Introduction

Cisco has released a security update to address a critical vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM). An attacker with Advanced User credentials could exploit this privilege escalation vulnerability by creating an Administrator account and taking control of an affected system.


Remediation advice

Affected organisations are encouraged to review Cisco Security Advisories and apply the necessary update below.


Remediation steps

Type Step
Patch

Cisco Unified Contact Center Management Portal and Unified Contact Center Domain Manager Privilege Escalation Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-priv-esc-JzhTFLm4


Last edited: 14 January 2022 3:57 pm