Cisco has released a patch to address a vulnerability in the Unified Communication Disaster Recovery Framework. This vulnerability is due to improper authentication of requests received over the network. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code, gain control of the affected system, obtain and modify system configuration parameters, or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco advisory cisco-sa-20080403-drf and apply the patch or use the workarounds.