Cisco CallManager CDP allows voice VLAN access
| cisco-callmanager-voice-gain-access (20939) |  High Risk |
Description:
Cisco CallManager using 802.1x features could allow a remote attacker on the local LAN to spoof the Cisco Discovery Protocol (CDP) and gain unauthorized anonymous access to the voice VLAN process without authentication.
Platforms Affected:
- Cisco, Catalyst
- Cisco, Unified CallManager
Remedy:
Refer to cisco-sn-20050608-8021x for patch, upgrade, or suggested workaround information. See References.
Consequences:
Gain Access
References:
- Cisco CallManager Web page, Introduction at http://www.cisco.com/en/US/products/sw/voicesw/ps556/.
- cisco-sn-20050608-8021x, Cisco Security Notice: Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access at http://www.cisco.com/warp/public/707/cisco-sn-20050608-8021x.shtml.
- BID-13902: Cisco Voice VLAN 802.1x Authentication Bypass Vulnerability
- CVE-2005-1942: Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.
- SECTRACK ID: 1014135: Cisco 802.1x Voice-Enabled Interfaces Grant Anonymous Voice VLAN Access
Reported:
Jun 08, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net