Cisco IP Communicator Certificate Trust List Manipulation
Medium Nessus Plugin ID 69802
SynopsisThe remote host has a softphone application installed that is affected by an information modification vulnerability.
DescriptionThe version of Cisco IP Communicator is 8.6(1). Such versions are potentially affected by a data modification vulnerability. By performing a Man-in-the-Middle attack, a remote, unauthenticated attacker could replace the original Certificate Trust List with a modified one.
SolutionUpgrade to Cisco IP Communicator 8.6(2) or later.