Security Alerts

Cisco Finesse Reflected Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cf A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-cf
Security Impact Rating: Medium
CVE: CVE-2017-6761
Categories: Security Alerts

Cisco Adaptive Security Appliance Username Enumeration Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to the interaction between Lightweight Directory Access Protocol (LDAP) and SSL Connection Profile when they are configured together. An attacker could exploit the vulnerability by performing a username enumeration attack to the IP address of the device. An exploit could allow the attacker to determine valid usernames.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa2 A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to determine valid usernames. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to the interaction between Lightweight Directory Access Protocol (LDAP) and SSL Connection Profile when they are configured together. An attacker could exploit the vulnerability by performing a username enumeration attack to the IP address of the device. An exploit could allow the attacker to determine valid usernames.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa2
Security Impact Rating: Medium
CVE: CVE-2017-6752
Categories: Security Alerts

Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-02 14:00
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa1 A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations can be found at:
There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170802-asa1
Security Impact Rating: Medium
CVE: CVE-2017-6765
Categories: Security Alerts

Multiple Cisco Products OSPF LSA Manipulation Vulnerability

Cisco Security Advisories - Thu, 2017-07-27 14:00
Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic.

The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability.

Workarounds that address this vulnerability are available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take full control of the OSPF Autonomous System (AS) domain routing table, allowing the attacker to intercept or black-hole traffic.

The attacker could exploit this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause the targeted router to flush its routing table and propagate the crafted OSPF LSA type 1 update throughout the OSPF AS domain.

To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast OSPF LSA type 1 packets. No other LSA type packets can trigger this vulnerability.

OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability.

Workarounds that address this vulnerability are available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170727-ospf
Security Impact Rating: Medium
CVE: CVE-2017-6770
Categories: Security Alerts

Cisco Access Control System Stored Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-07-26 14:00
A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of user-supplied values and a lack of encoding of user-supplied data. An attacker could exploit this vulnerability by convincing a user to click a malicious link.

Additional information about XSS attacks and potential mitigations can be found at the following links:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-acs A vulnerability in the web-based management interface of the Cisco Secure Access Control System (ACS) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of user-supplied values and a lack of encoding of user-supplied data. An attacker could exploit this vulnerability by convincing a user to click a malicious link.

Additional information about XSS attacks and potential mitigations can be found at the following links:

https://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20060922-understanding-xss
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-acs
Security Impact Rating: Medium
CVE: CVE-2017-6769
Categories: Security Alerts

Cisco IOS and IOS XE Software Autonomic Networking Infrastructure Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-07-26 14:00
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to an unknown condition in the Autonomic Networking code of the affected software. An attacker could exploit this vulnerability by replaying captured packets to reset the Autonomic Control Plane (ACP) channel of an affected system. A successful exploit could allow the attacker to reset the ACP channel of an affected system and consequently cause the affected device to reload, resulting in a DoS condition.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to an unknown condition in the Autonomic Networking code of the affected software. An attacker could exploit this vulnerability by replaying captured packets to reset the Autonomic Control Plane (ACP) channel of an affected system. A successful exploit could allow the attacker to reset the ACP channel of an affected system and consequently cause the affected device to reload, resulting in a DoS condition.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anidos
Security Impact Rating: High
CVE: CVE-2017-6663
Categories: Security Alerts

Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Revocation Vulnerability

Cisco Security Advisories - Wed, 2017-07-26 14:00
A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked.

The vulnerability exists because the affected software does not transfer certificate revocation lists (CRLs) across Autonomic Control Plane (ACP) channels. An attacker could exploit this vulnerability by connecting an autonomic node, which has a known and revoked certificate, to the autonomic domain of an affected system. A successful exploit could allow the attacker to insert a previously trusted autonomic node into the autonomic domain of an affected system after the certificate for the node has been revoked.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anicrl A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the autonomic node has been revoked.

The vulnerability exists because the affected software does not transfer certificate revocation lists (CRLs) across Autonomic Control Plane (ACP) channels. An attacker could exploit this vulnerability by connecting an autonomic node, which has a known and revoked certificate, to the autonomic domain of an affected system. A successful exploit could allow the attacker to insert a previously trusted autonomic node into the autonomic domain of an affected system after the certificate for the node has been revoked.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-anicrl
Security Impact Rating: Medium
CVE: CVE-2017-6664
Categories: Security Alerts

Cisco IOS and IOS XE Software Autonomic Control Plane Channel Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-07-26 14:00
A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system.

The vulnerability is due to unknown reasons. An attacker could exploit this vulnerability by capturing and replaying ACP packets that are transferred within an affected system. A successful exploit could allow the attacker to reset the ACP of an affected system, resulting in a denial of service (DoS) condition. A successful exploit could also allow the attacker to capture and view ACP packets, which should have been encrypted over the ACP, in clear text.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets that are transferred in clear text within an affected system.

The vulnerability is due to unknown reasons. An attacker could exploit this vulnerability by capturing and replaying ACP packets that are transferred within an affected system. A successful exploit could allow the attacker to reset the ACP of an affected system, resulting in a denial of service (DoS) condition. A successful exploit could also allow the attacker to capture and view ACP packets, which should have been encrypted over the ACP, in clear text.

Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170726-aniacp
Security Impact Rating: High
CVE: CVE-2017-6665
Categories: Security Alerts

Cisco ASR 5000 Series Aggregation Services Routers GGSN Gateway Redirect Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device.

The vulnerability exists because the affected device does not sufficiently validate HTTP traffic that contains one or more packets with additional bytes at the end of the packet. An attacker could exploit this vulnerability by changing the properties of a payload in HTTP traffic that is sent to an affected device. A successful exploit could allow the attacker to pipeline requests through an affected device without verifying and accounting for the requests.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device.

The vulnerability exists because the affected device does not sufficiently validate HTTP traffic that contains one or more packets with additional bytes at the end of the packet. An attacker could exploit this vulnerability by changing the properties of a payload in HTTP traffic that is sent to an affected device. A successful exploit could allow the attacker to pipeline requests through an affected device without verifying and accounting for the requests.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr
Security Impact Rating: Medium
CVE: CVE-2017-6612
Categories: Security Alerts

Cisco Web Security Appliance Administrative Interface Access Control Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device.

The vulnerability exists because the affected software fails to deny traffic that is forwarded from the web proxy interface to the administrative management interface of a device. An attacker could exploit this vulnerability by sending a crafted stream of HTTP or HTTPS traffic to the web proxy interface of an affected device. A successful exploit could allow traffic to reach the administrative management interface of the affected device although the traffic should have been dropped.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device.

The vulnerability exists because the affected software fails to deny traffic that is forwarded from the web proxy interface to the administrative management interface of a device. An attacker could exploit this vulnerability by sending a crafted stream of HTTP or HTTPS traffic to the web proxy interface of an affected device. A successful exploit could allow traffic to reach the administrative management interface of the affected device although the traffic should have been dropped.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5
Security Impact Rating: Medium
CVE: CVE-2017-6751
Categories: Security Alerts

Cisco Web Security Appliance Static Credentials Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to view the system's serial number by using the CLI or to download reports by using the web interface.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to view the system's serial number by using the CLI or to download reports by using the web interface.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4
Security Impact Rating: Medium
CVE: CVE-2017-6750
Categories: Security Alerts

Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3
Security Impact Rating: Medium
CVE: CVE-2017-6749
Categories: Security Alerts

Cisco Web Security Appliance Authenticated Command Injection and Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials.

The vulnerability is due to insufficient validation of user-supplied input in the CLI parser. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the CLI. An exploit could allow the attacker to escape from the CLI subshell and execute system-level commands on the underlying operating system as root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials.

The vulnerability is due to insufficient validation of user-supplied input in the CLI parser. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the CLI. An exploit could allow the attacker to escape from the CLI subshell and execute system-level commands on the underlying operating system as root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2
Security Impact Rating: Medium
CVE: CVE-2017-6748
Categories: Security Alerts

Cisco Web Security Appliance Command Injection and Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials.

The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the web interface. An exploit could allow the attacker to elevate privileges from administrator to root.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa1 A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials.

The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the web interface. An exploit could allow the attacker to elevate privileges from administrator to root.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa1
Security Impact Rating: High
CVE: CVE-2017-6746
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool Web Portal Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by sending malicious JavaScript code to the PCP administrative UI. A successful exploit could allow the attacker to perform actions as a higher-level administrator.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-pcpt A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by sending malicious JavaScript code to the PCP administrative UI. A successful exploit could allow the attacker to perform actions as a higher-level administrator.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-pcpt
Security Impact Rating: Medium
CVE: CVE-2017-6755
Categories: Security Alerts

Cisco ASR 5000 Series Aggregation Services Routers Access Control List Security Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-07-19 14:00
A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device.

The vulnerability exists because the affected device fails to inspect and match certain traffic that meets the criteria defined in ACL rules configured for the device. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to bypass certain sets of rules defined in ACLs for the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1 A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device.

The vulnerability exists because the affected device fails to inspect and match certain traffic that meets the criteria defined in ACL rules configured for the device. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to bypass certain sets of rules defined in ACLs for the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1
Security Impact Rating: Medium
CVE: CVE-2017-6672
Categories: Security Alerts

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

Cisco Security Advisories - Mon, 2017-07-17 14:00
A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows.

The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

Cisco has released software updates for Google Chrome and Mozilla Firefox that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows.

The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser.

Cisco has released software updates for Google Chrome and Mozilla Firefox that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex
Security Impact Rating: Critical
CVE: CVE-2017-6753
Categories: Security Alerts

MS16-111 - Important: Security Update for Windows Kernel (3186973) - Version: 2.0

Microsoft Comprehensive Security Alerts - Tue, 2017-07-11 10:00
Severity Rating: Important
Revision Note: V2.0 (July 11, 2017): Revised Windows Affected Software and Vulnerability Severity Ratings table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3305. Microsoft recommends that customers running Windows 10 Version 1703 should install update 4025342 to be protected from this vulnerability.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker runs a specially crafted application on a target system.
Categories: Security Alerts

MS16-SEP - Microsoft Security Bulletin Summary for September 2016 - Version: 2.0

Microsoft Comprehensive Security Alerts - Tue, 2017-07-11 10:00
Revision Note: V2.0 (July 11, 2017): Revised Windows Affected Software and Vulnerability Severity Ratings table to include Windows 10 Version 1703 for 32-bit Systems and Windows 10 Version 1703 for x64-based Systems because they are affected by CVE-2016-3305. Microsoft recommends that customers running Windows 10 Version 1703 should install update 4025342 to be protected from this vulnerability.
Summary: This bulletin summary lists security bulletins released for September 2016.
Categories: Security Alerts

Cisco FireSIGHT System Software Arbitrary Code Execution Vulnerability

Cisco Security Advisories - Wed, 2017-07-05 14:00
A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system.

The vulnerability is due to improper handling of modified backup configuration files. An attacker could exploit this vulnerability by modifying certain components within the backup system files. An exploit could allow the attacker to run arbitrary code as a root user on the affected appliance.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-FireSIGHT A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system.

The vulnerability is due to improper handling of modified backup configuration files. An attacker could exploit this vulnerability by modifying certain components within the backup system files. An exploit could allow the attacker to run arbitrary code as a root user on the affected appliance.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-FireSIGHT
Security Impact Rating: Medium
CVE: CVE-2017-6735
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts