Security Alerts

ld_test_advisory

Cisco Security Advisories - Tue, 2017-05-23 22:00
Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link:

Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link:


Security Impact Rating: Critical
CVE: CVE-2007-1884
Categories: Security Alerts

ISIS_test_Advisory_isis-2.17

Cisco Security Advisories - Thu, 2017-05-18 22:00
Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link:
Cisco has released software updates that address this vulnerability. [Workarounds that mitigate this vulnerability are available.] This advisory is available at the following link:

Security Impact Rating: Critical
CVE: CVE- 2012-4305
Categories: Security Alerts

Cisco Policy Suite Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root.

The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root.

The vulnerability is due to incorrect sudoers permissions on the script file. An attacker could exploit this vulnerability by authenticating to the device and providing crafted user input at the CLI, using this script file to escalate their privilege level and execute commands as root. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the appliance. The user has to be logged-in to the device with valid credentials for a specific set of users.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-cps
Security Impact Rating: High
CVE: CVE-2017-6623
Categories: Security Alerts

Cisco UCS C-Series Rack Servers TCP Port Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc A vulnerability in the TCP throttling process of Cisco UCS C-Series Rack Servers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to insufficient rate-limiting protection. An attacker could exploit this vulnerability by sending a high rate of TCP SYN packets to a specific TCP listening port on an affected device. An exploit could allow the attacker to cause a specific TCP listening port to stop accepting new connections, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucsc
Security Impact Rating: Medium
CVE: CVE-2017-6633
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

For additional information about XSS attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

For additional information about XSS attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-ucm
Security Impact Rating: Medium
CVE: CVE-2017-6654
Categories: Security Alerts

Cisco TelePresence IX5000 Series Directory Traversal Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory traversal techniques to read files within the Cisco TelePresence IX5000 Series filesystem.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000 A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using directory traversal techniques to read files within the Cisco TelePresence IX5000 Series filesystem.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-telepresence-ix5000
Security Impact Rating: High
CVE: CVE-2017-6652
Categories: Security Alerts

Cisco IP Phone 8851 Session Initiation Protocol Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to an abnormal SIP message. An attacker could exploit this vulnerability by manipulating the CANCEL packet. An exploit could allow the attacker to cause a disruption of service to the phone.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip A vulnerability in the Session Initiation Protocol (SIP) implementation of Cisco IP Phone 8851 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

The vulnerability is due to an abnormal SIP message. An attacker could exploit this vulnerability by manipulating the CANCEL packet. An exploit could allow the attacker to cause a disruption of service to the phone.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-sip
Security Impact Rating: Medium
CVE: CVE-2017-6630
Categories: Security Alerts

Cisco Remote Expert Manager Temporary File Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem7
Security Impact Rating: Medium
CVE: CVE-2017-6647
Categories: Security Alerts

Cisco Remote Expert Manager Order Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem6
Security Impact Rating: Medium
CVE: CVE-2017-6646
Categories: Security Alerts

Cisco Remote Expert Manager Virtual Temporary Directory Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem5
Security Impact Rating: Medium
CVE: CVE-2017-6645
Categories: Security Alerts

Cisco Remote Expert Manager Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem4
Security Impact Rating: Medium
CVE: CVE-2017-6644
Categories: Security Alerts

Cisco Remote Expert Manager Virtual Directory Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem3
Security Impact Rating: Medium
CVE: CVE-2017-6643
Categories: Security Alerts

Cisco Remote Expert Manager Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2 A vulnerability in the web interface of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2
Security Impact Rating: Medium
CVE: CVE-2017-6642
Categories: Security Alerts

Cisco Remote Expert Manager Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system.

The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1 A vulnerability in the TCP connection handling functionality of Cisco Remote Expert Manager Software could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service (DoS) condition on an affected system.

The vulnerability is due to a lack of rate-limiting functionality in the TCP Listen application of the affected software. An attacker could exploit this vulnerability by sending a crafted TCP traffic stream in which specific types of TCP packets are flooded to an affected device, for example a TCP packet stream in which the TCP FIN bit is set in all the TCP packets. A successful exploit could allow the attacker to cause certain TCP listening ports on the affected system to stop accepting incoming connections for a period of time or until the affected device is restarted, resulting in a DoS condition. In addition, system resources, such as CPU and memory, could be exhausted during the attack.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem1
Security Impact Rating: Medium
CVE: CVE-2017-6641
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp5
Security Impact Rating: Medium
CVE: CVE-2017-6637
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Directory Traversal Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to view any file on an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to view any file on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to view any file on an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to view any file on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp4
Security Impact Rating: Medium
CVE: CVE-2017-6636
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Directory Traversal Arbitrary File Deletion Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to delete any file from an affected system.

The vulnerability exists because the affected software does not perform proper input validation of HTTP requests and fails to apply role-based access controls (RBACs) to requested HTTP URLs. An attacker could exploit this vulnerability by sending a crafted HTTP request that uses directory traversal techniques to submit a path to a desired file location on an affected system. A successful exploit could allow the attacker to delete any file from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp3
Security Impact Rating: Medium
CVE: CVE-2017-6635
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to insufficient protection of sensitive data when responding to an HTTP request on the web interface. An attacker could exploit the vulnerability by sending a crafted HTTP request to the application to access specific system files. An exploit could allow the attacker to obtain sensitive information about the application which could include user credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2 A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to insufficient protection of sensitive data when responding to an HTTP request on the web interface. An attacker could exploit the vulnerability by sending a crafted HTTP request to the application to access specific system files. An exploit could allow the attacker to obtain sensitive information about the application which could include user credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp2
Security Impact Rating: High
CVE: CVE-2017-6621
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges.

The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to bypass authentication and perform command injection in Cisco Prime Collaboration Provisioning with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1 A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to bypass authentication and perform command injection with root privileges.

The vulnerability is due to missing security constraints in certain HTTP request methods, which could allow access to files via the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to bypass authentication and perform command injection in Cisco Prime Collaboration Provisioning with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-pcp1
Security Impact Rating: Critical
CVE: CVE-2017-6622
Categories: Security Alerts

Cisco Nexus 5000 Series Switches Telnet CLI Command Injection Vulnerability

Cisco Security Advisories - Wed, 2017-05-17 14:00
A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.

The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1 A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack.

The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1
Security Impact Rating: Medium
CVE: CVE-2017-6650
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts