CVE-2021-1226

Name of the Vulnerable Software and Affected Versions: Cisco Unified Communications Manager (affected versions not specified) Cisco Unified Communications Manager Session Management Edition (affected versions not specified) Cisco Unified Communications Manager IM & Presence Service (affected versions not specified) Cisco Unity Connection (affected versions not specified) Cisco Emergency Responder (affected versions not specified) Cisco Prime License Manager (affected versions not specified)

Description: A vulnerability in the audit logging component could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. The issue is due to the storage of certain unencrypted credentials. An attacker could exploit this by accessing the audit logs and obtaining credentials they may not normally have access to, potentially allowing them to discover and manage network devices.

Recommendations: For Cisco Unified Communications Manager, consider restricting access to the audit logs until a fix is available. For Cisco Unified Communications Manager Session Management Edition, restrict access to sensitive information stored in the audit logs. For Cisco Unified Communications Manager IM & Presence Service, avoid storing unencrypted credentials in the audit logs. For Cisco Unity Connection, limit access to the audit logging component to minimize the risk of exploitation. For Cisco Emergency Responder, consider implementing additional security measures to protect sensitive information. For Cisco Prime License Manager, restrict access to the audit logs and sensitive information until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.