Security Alerts

Cisco Security Appliances SNMP Polling Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user.

The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user.

The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa
Security Impact Rating: Medium
CVE: CVE-2017-6783
Categories: Security Alerts

Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to Cisco WebEx Meetings not sufficiently protecting sensitive data when responding to an HTTP request to the web interface. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to find sensitive information about the application.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to Cisco WebEx Meetings not sufficiently protecting sensitive data when responding to an HTTP request to the web interface. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to find sensitive information about the application.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr
Security Impact Rating: Medium
CVE: CVE-2017-6784
Categories: Security Alerts

Cisco Policy Suite Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level.

The vulnerability is due to incorrect role-based access control (RBAC) for shell user accounts. An attacker could exploit this vulnerability by authenticating to an affected appliance and providing crafted user input via the CLI. A successful exploit could allow the attacker to acquire a higher privilege level than should have been granted.

To exploit this vulnerability, the attacker must log in to the appliance with valid credentials.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cps A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level.

The vulnerability is due to incorrect role-based access control (RBAC) for shell user accounts. An attacker could exploit this vulnerability by authenticating to an affected appliance and providing crafted user input via the CLI. A successful exploit could allow the attacker to acquire a higher privilege level than should have been granted.

To exploit this vulnerability, the attacker must log in to the appliance with valid credentials.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cps
Security Impact Rating: Medium
CVE: CVE-2017-6781
Categories: Security Alerts

Cisco Prime Infrastructure HTML Injection Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application.

The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code.

For additional information about HTML injection attacks and potential mitigation methods, see https://www.owasp.org/index.php/Testing_for_HTML_Injection_(OTG-CLIENT-003).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpi A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application.

The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code.

For additional information about HTML injection attacks and potential mitigation methods, see https://www.owasp.org/index.php/Testing_for_HTML_Injection_(OTG-CLIENT-003).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpi
Security Impact Rating: Medium
CVE: CVE-2017-6782
Categories: Security Alerts

Cisco AnyConnect WebLaunch Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software.

The vulnerability is due to insufficient input validation of some parameters that are passed to the WebLaunch function of the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-caw The WebLaunch functionality of Cisco AnyConnect Secure Mobility Client Software contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the affected software.

The vulnerability is due to insufficient input validation of some parameters that are passed to the WebLaunch function of the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-caw
Security Impact Rating: Medium
CVE: CVE-2017-6788
Categories: Security Alerts

Cisco Application Policy Infrastructure Controller Custom Binary Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.

The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic2 A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges.

The vulnerability is due to a custom executable system file that was built to use relative search paths for libraries without properly validating the library to be loaded. An attacker could exploit this vulnerability by authenticating to the device and loading a malicious library that can escalate the privilege level. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. The attacker must have valid user credentials to log in to the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic2
Security Impact Rating: High
CVE: CVE-2017-6768
Categories: Security Alerts

MS17-MAR - Microsoft Security Bulletin Summary for March 2017 - Version: 4.0

Microsoft Comprehensive Security Alerts - Tue, 2017-08-08 10:00
Revision Note: V4.0 (August 8, 2017): For MS17-007, to comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems have been added to the Affected Products table as they are also affected by this vulnerability. Microsoft recommends that customers who have not already done so install the July 2017 security updates to be fully protected from this vulnerability
Summary: This bulletin summary lists security bulletins released for March 2017
Categories: Security Alerts

4038556 - Guidance for securing applications that host the WebBrowser Control - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2017-08-08 10:00
Revision Note: V1.0 (August 8, 2017): Advisory published.
Summary: Microsoft is releasing this security advisory to provide information regarding security settings for applications developed with the Microsoft Internet Explorer layout engine, also known as the Trident layout engine. This advisory also provides guidance on what developers and individuals can do to ensure that their applications hosting the WebBrowser Control are properly secured.
Categories: Security Alerts

MS17-007 - Critical: Cumulative Security Update for Microsoft Edge (4013071) - Version: 2.0

Microsoft Comprehensive Security Alerts - Tue, 2017-08-08 10:00
Severity Rating: Critical
Revision Note: V2.0 (August 8, 2017): To comprehensively address CVE-2017-0071, Microsoft released the July security updates for all versions of Windows 10. Note that Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10 Version 1703 for 32-bit Systems, and Windows 10 Version 1703 for x64-based Systems have been added to the Affected Products table as they are also affected by this vulnerability. Microsoft recommends that customers who have not already done so install the July 2017 security updates to be fully protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited these vulnerabilities could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Categories: Security Alerts

Cisco Adaptive Security Appliance Authenticated Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at: There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at: There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa
Security Impact Rating: Medium
CVE: CVE-2017-6764
Categories: Security Alerts

Cisco Videoscape Distribution Suite Cache Server Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance.

The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds A vulnerability in the cache server within Cisco Videoscape Distribution Suite (VDS) for Television could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted appliance.

The vulnerability is due to excessive mapped connections exhausting the allotted resources within the system. An attacker could exploit this vulnerability by sending large amounts of inbound traffic to a device with the intention of overloading certain resources. A successful exploit could cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-vds
Security Impact Rating: High
CVE: CVE-2017-6745
Categories: Security Alerts

Cisco Unified Communications Manager Directory Traversal Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device.

The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by using directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager filesystem.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm1 A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to access arbitrary files in the context of the web root directory structure on an affected device.

The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by using directory traversal techniques to read files in the web root directory structure on the Cisco Unified Communications Manager filesystem.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm1
Security Impact Rating: Medium
CVE: CVE-2017-6758
Categories: Security Alerts

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a blind SQL injection attack.

The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass protection filters. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements. An exploit could allow the attacker to modify or delete entries in some database tables, affecting the integrity of the data.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a blind SQL injection attack.

The vulnerability is due to a failure to validate user-supplied input used in SQL queries that bypass protection filters. An attacker could exploit this vulnerability by sending crafted URLs that include SQL statements. An exploit could allow the attacker to modify or delete entries in some database tables, affecting the integrity of the data.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ucm
Security Impact Rating: Medium
CVE: CVE-2017-6757
Categories: Security Alerts

Cisco Smart Net Total Care Software Collector Appliance SQL Injection Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance could allow an authenticated, remote attacker to perform a read-only, blind SQL injection attack, which could allow the attacker to compromise the confidentiality of the system through SQL timing attacks.

The vulnerability is due to insufficient input validation of certain user-supplied fields that are subsequently used by the affected software to build SQL queries. An attacker could exploit this vulnerability by submitting crafted URLs, which are designed to exploit the vulnerability, to the affected software. To execute an attack successfully, the attacker would need to submit a number of requests to the affected software. A successful exploit could allow the attacker to determine the presence of values in the SQL database of the affected software.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-sntc A vulnerability in the web-based management interface of the Cisco Smart Net Total Care (SNTC) Software Collector Appliance could allow an authenticated, remote attacker to perform a read-only, blind SQL injection attack, which could allow the attacker to compromise the confidentiality of the system through SQL timing attacks.

The vulnerability is due to insufficient input validation of certain user-supplied fields that are subsequently used by the affected software to build SQL queries. An attacker could exploit this vulnerability by submitting crafted URLs, which are designed to exploit the vulnerability, to the affected software. To execute an attack successfully, the attacker would need to submit a number of requests to the affected software. A successful exploit could allow the attacker to determine the presence of values in the SQL database of the affected software.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-sntc
Security Impact Rating: Medium
CVE: CVE-2017-6754
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool Pervasive Cross-Site Request Forgery Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to execute unwanted actions.

The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user’s browser to perform any action authorized for that user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt1 A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to execute unwanted actions.

The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user’s browser to perform any action authorized for that user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt1
Security Impact Rating: Medium
CVE: CVE-2017-6756
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool UpgradeManager File Write Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt A vulnerability in the UpgradeManager of the Cisco Prime Collaboration Provisioning Tool could allow an authenticated, remote attacker to write arbitrary files as root on the system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by triggering the upgrade package installation functionality.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-pcpt
Security Impact Rating: Medium
CVE: CVE-2017-6759
Categories: Security Alerts

Cisco Meeting Server H.264 Protocol Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.

The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms A vulnerability in the implementation of the H.264 protocol in Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.

The vulnerability exists because the affected application does not properly validate Fragmentation Unit (FU-A) protocol packets. An attacker could exploit this vulnerability by sending a crafted H.264 FU-A packet through the affected application. A successful exploit could allow the attacker to cause a DoS condition on the affected system due to an unexpected restart of the CMS media process on the system. Although the CMS platform continues to operate and only the single, affected CMS media process is restarted, a brief interruption of media traffic for certain users could occur.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ms
Security Impact Rating: Medium
CVE: CVE-2017-6763
Categories: Security Alerts

Cisco Identity Services Engine Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentication.

The vulnerability is due to improper handling of authentication requests and policy assignment for externally authenticated users. An attacker could exploit this vulnerability by authenticating with a valid external user account that matches an internal username and incorrectly receiving the authorization policy of the internal account. An exploit could allow the attacker to have Super Admin privileges for the ISE Admin portal.

This vulnerability does not affect endpoints authenticating to the ISE.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ise A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentication.

The vulnerability is due to improper handling of authentication requests and policy assignment for externally authenticated users. An attacker could exploit this vulnerability by authenticating with a valid external user account that matches an internal username and incorrectly receiving the authorization policy of the internal account. An exploit could allow the attacker to have Super Admin privileges for the ISE Admin portal.

This vulnerability does not affect endpoints authenticating to the ISE.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-ise
Security Impact Rating: High
CVE: CVE-2017-6747
Categories: Security Alerts

Cisco Firepower System Software Secure Sockets Layer Policy Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system.

The vulnerability is due to unexpected interaction with Known Key and Decrypt and Resign configuration settings of SSL policies when the affected software receives unexpected SSL packet headers. An attacker could exploit this vulnerability by sending a crafted SSL packet through an affected device in a valid SSL session. A successful exploit could allow the attacker to bypass the SSL decryption and inspection policy for the affected system, which could allow traffic to flow through the system without being inspected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-fpw A vulnerability in the Secure Sockets Layer (SSL) Decryption and Inspection feature of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass the SSL policy for decrypting and inspecting traffic on an affected system.

The vulnerability is due to unexpected interaction with Known Key and Decrypt and Resign configuration settings of SSL policies when the affected software receives unexpected SSL packet headers. An attacker could exploit this vulnerability by sending a crafted SSL packet through an affected device in a valid SSL session. A successful exploit could allow the attacker to bypass the SSL decryption and inspection policy for the affected system, which could allow traffic to flow through the system without being inspected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-fpw
Security Impact Rating: Medium
CVE: CVE-2017-6766
Categories: Security Alerts

Cisco Jabber Guest Server Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web-based management interface of Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cj A vulnerability in the web-based management interface of Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cj
Security Impact Rating: Medium
CVE: CVE-2017-6762
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts