Security Alerts

Cisco UCS Director Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile.

The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile.

The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. An attacker could exploit this vulnerability by enabling Developer Mode for his/her user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to his/her profile. An exploit could allow an attacker to perform any actions defined by these workflow items, including actions affecting other tenants.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucs
Security Impact Rating: Critical
CVE: CVE-2017-3801
Categories: Security Alerts

Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.

The vulnerability is due to insufficient input validation of user-supplied parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected web interface.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucm A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software.

The vulnerability is due to insufficient input validation of user-supplied parameters that are passed to the web server of the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script in the context of the affected web interface.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ucm
Security Impact Rating: Medium
CVE: CVE-2017-3833
Categories: Security Alerts

Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:
 
http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp3 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:
 
http://www.cisco.com/en/US/products/cmb/cisco-amb-20060922-understanding-xss.html
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp3
Security Impact Rating: Medium
CVE: CVE-2017-3845
Categories: Security Alerts

Cisco Prime Collaboration Assurance Directory Listing Unauthorized Access Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files.

The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to view and download system files that should be restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2 A vulnerability in exporting functions of the user interface for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to view file directory listings and download files.

The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to view and download system files that should be restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp2
Security Impact Rating: Medium
CVE: CVE-2017-3844
Categories: Security Alerts

Cisco Prime Collaboration Assurance Arbitrary File Download Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted.

The vulnerability is due to lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to download system files that should be restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp1 A vulnerability in the file download functions for Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to download system files that should be restricted.

The vulnerability is due to lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to download system files that should be restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-pcp1
Security Impact Rating: Medium
CVE: CVE-2017-3843
Categories: Security Alerts

Cisco Identity Services Engine SQL Injection Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users.

The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by using SQL injection techniques in crafted HTTP POST requests to an affected system. A successful exploit could allow the attacker to view or delete notices owned by other users of the system. The notices may contain guest credentials in clear text.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ise A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users.

The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by using SQL injection techniques in crafted HTTP POST requests to an affected system. A successful exploit could allow the attacker to view or delete notices owned by other users of the system. The notices may contain guest credentials in clear text.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-ise
Security Impact Rating: Medium
CVE: CVE-2017-3835
Categories: Security Alerts

Cisco Intrusion Prevention System Device Manager Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.
 
The vulnerability is due to improper masking of sensitive data in certain HTML comments. An attacker could exploit this vulnerability by navigating to certain configuration screens. An exploit could allow the attacker to discover sensitive data that should be restricted and could be used to conduct further attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm A vulnerability in the web-based management interface of the Cisco Intrusion Prevention System Device Manager (IDM) could allow an unauthenticated, remote attacker to view sensitive information stored in certain HTML comments.
 
The vulnerability is due to improper masking of sensitive data in certain HTML comments. An attacker could exploit this vulnerability by navigating to certain configuration screens. An exploit could allow the attacker to discover sensitive data that should be restricted and could be used to conduct further attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-idm
Security Impact Rating: Medium
CVE: CVE-2017-3842
Categories: Security Alerts

Cisco Firepower Management Center Web Framework Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-fpmc
Security Impact Rating: Medium
CVE: CVE-2017-3847
Categories: Security Alerts

Cisco Unified Communications Manager Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data.

The vulnerability is due to insufficient protection of sensitive files. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view configuration information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3 A vulnerability in the web framework Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data.

The vulnerability is due to insufficient protection of sensitive files. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view configuration information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm3
Security Impact Rating: Medium
CVE: CVE-2017-3836
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2 A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm2
Security Impact Rating: Medium
CVE: CVE-2017-3829
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1 A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm1
Security Impact Rating: Medium
CVE: CVE-2017-3828
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.

The vulnerability is due to improper sanitization or encoding of user-supplied data by the serviceability page of an affected version of Cisco Unified Communications Manager. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. An exploit could allow the attacker to conduct a reflected XSS attack.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.

The vulnerability is due to improper sanitization or encoding of user-supplied data by the serviceability page of an affected version of Cisco Unified Communications Manager. An attacker could exploit this vulnerability by persuading a targeted user to follow a malicious link. An exploit could allow the attacker to conduct a reflected XSS attack.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cucm
Security Impact Rating: Medium
CVE: CVE-2017-3821
Categories: Security Alerts

Cisco Meeting Server HTTP Packet Processing Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge.

The vulnerability is due to insufficient input validation of an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP packet to a targeted application. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information or cause a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1 A vulnerability in the Web Bridge interface of the Cisco Meeting Server (CMS), formerly Acano Conferencing Server, could allow an authenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. In addition, the attacker could potentially cause the application to crash unexpectedly, resulting in a denial of service (DoS) condition. The attacker would need to be authenticated and have a valid session with the Web Bridge.

The vulnerability is due to insufficient input validation of an HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP packet to a targeted application. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information or cause a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms1
Security Impact Rating: Medium
CVE: CVE-2017-3837
Categories: Security Alerts

Cisco Meeting Server API Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance.

The vulnerability is due to invalid data being received on a specific port. An attacker could exploit this vulnerability by sending crafted packets to a specific port on the device. Successful exploitation could cause the CMS to crash.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms A vulnerability in an internal API of the Cisco Meeting Server (CMS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected appliance.

The vulnerability is due to invalid data being received on a specific port. An attacker could exploit this vulnerability by sending crafted packets to a specific port on the device. Successful exploitation could cause the CMS to crash.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-cms
Security Impact Rating: Medium
CVE: CVE-2017-3830
Categories: Security Alerts

Cisco AsyncOS Software for Cisco ESA and Cisco WSA Filtering Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass user filters configured to prevent executable files from being opened. The malformed MIME headers may not be RFC compliant but some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-asyncos
Security Impact Rating: Medium
CVE: CVE-2017-3827
Categories: Security Alerts

Cisco Secure Access Control System Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information.

The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the web interface are accessed. An unauthenticated attacker with the ability to view configuration parameters could disclose passwords and other sensitive information about the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3 A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to disclose sensitive information.

The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the web interface are accessed. An unauthenticated attacker with the ability to view configuration parameters could disclose passwords and other sensitive information about the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs3
Security Impact Rating: Medium
CVE: CVE-2017-3841
Categories: Security Alerts

Cisco Secure Access Control System Open Redirect Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
 
The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specific malicious URL. This vulnerability is known as an open redirect attack and is used in phishing attacks to get users to visit malicious sites without their knowledge.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2 A vulnerability in the web interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
 
The vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that could cause the web application to redirect the request to a specific malicious URL. This vulnerability is known as an open redirect attack and is used in phishing attacks to get users to visit malicious sites without their knowledge.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs2
Security Impact Rating: Medium
CVE: CVE-2017-3840
Categories: Security Alerts

Cisco Secure Access Control System XML External Entity Vulnerability

Cisco Security Advisories - Wed, 2017-02-15 14:00
A vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the information stored in the affected system.

The vulnerability is due to improper handling of the XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by submitting a crafted XML header to the affected device web framework.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1 A vulnerability in the web-based user interface of the Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to have read access to part of the information stored in the affected system.

The vulnerability is due to improper handling of the XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by submitting a crafted XML header to the affected device web framework.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170215-acs1
Security Impact Rating: Medium
CVE: CVE-2017-3839
Categories: Security Alerts

Vulnerability in GNU glibc Affecting Cisco Products: February 2016

Cisco Security Advisories - Mon, 2017-02-13 16:20
On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (glibc) was publicly disclosed.

Multiple Cisco products incorporate a version of glibc that may be affected by the vulnerability. The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.

Cisco will release software updates that address this vulnerability.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc On February 16, 2016, an industry-wide, critical vulnerability in the GNU C library (glibc) was publicly disclosed.

Multiple Cisco products incorporate a version of glibc that may be affected by the vulnerability. The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on an affected device.

Cisco will release software updates that address this vulnerability.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc
Security Impact Rating: High
CVE: CVE-2015-7547
Categories: Security Alerts

OSPF LSA Manipulation Vulnerability in Multiple Cisco Products

Cisco Security Advisories - Mon, 2017-02-13 12:29
Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic.

The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability.

Workarounds that address this vulnerability are available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic.

The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability.

Workarounds that address this vulnerability are available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130801-lsaospf
Security Impact Rating: Medium
CVE: CVE-2013-0149
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts