Three security flaws in the Akkadian Provisioning Manager can be chained together to open the door to remote code execution with elevated privileges and malware deployment.
Akkadian Provisioning Manager is used as a third-party provisioning tool within Cisco Unified Communications (UC) environments.
The three high-severity security vulnerabilities are still unpatched despite being discovered and reported in February, according to the security researchers at Rapid7 who discovered them.
UC is a suite of VoIP and video communications software that enables businesses to connect to each other across various physical and virtual platforms. The Akkadian manager helps manage the various tasks related to UC, for example, the provisioning and configuring of all UC clients.
The issues are found in version 4.50.18 of the Akkadian manager.
The first one, CVE-2021-31579, relates to the use of hard-coded credentials (ranking 8.2 out of 10 on the CVSS vulnerability-severity scale) and allows an attacker to bypass the restricted shell menu environment.
CVE-2021-31580 and CVE-2021-31581 stem from improper neutralization of special elements used in an OS command (ranking 7.9). By combining these with the default credentials, an unauthenticated, remote attacker can gain access to an interactive shell with root privileges.
The last one, CVE-2021-31582 (ranking 7.9), is due to an exposed web server and can expose sensitive information to an unauthorized actor.
To protect against these vulnerabilities, Rapid7 recommended that organizations restrict network access to the SSH port (22/tcp) to trusted users only and disable any internet-facing connectivity.