Security Alerts

Cisco Web Security Appliance Drop Decrypt Policy Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website.

The vulnerability is due to incomplete input validation of HTTP headers. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to connect to a website that should be blocked.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1 A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website.

The vulnerability is due to incomplete input validation of HTTP headers. An attacker could exploit this vulnerability by sending a crafted HTTP request through an affected device. A successful exploit could allow the attacker to connect to a website that should be blocked.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa1
Security Impact Rating: Medium
CVE: CVE-2016-9212
Categories: Security Alerts

Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting.

The vulnerability is due to improper input validation of the HTTP URL string. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process restarting.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting.

The vulnerability is due to improper input validation of the HTTP URL string. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process restarting.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-wsa
Security Impact Rating: Medium
CVE: CVE-2016-6469
Categories: Security Alerts

Cisco Firepower Management Center Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password.

The vulnerability is due to improper masking of sensitive data in the HTTP response. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration screens. An exploit could allow the attacker to view the Remote Storage Password. The attacker could use the Remote Storage Password to conduct additional reconnaissance attacks

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-vdc A vulnerability in the web-based management interface of Cisco Firepower Management Center running FireSIGHT System software could allow an authenticated, remote attacker to view the Remote Storage Password.

The vulnerability is due to improper masking of sensitive data in the HTTP response. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration screens. An exploit could allow the attacker to view the Remote Storage Password. The attacker could use the Remote Storage Password to conduct additional reconnaissance attacks

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-vdc
Security Impact Rating: Medium
CVE: CVE-2016-6471
Categories: Security Alerts

Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted.

The vulnerability is due to a lack of proper input validation performed on the HTTP packet header. An attacker could exploit this vulnerability by sending a crafted packet to the targeted device. An exploit could allow the attacker to view web pages that should have been restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted.

The vulnerability is due to a lack of proper input validation performed on the HTTP packet header. An attacker could exploit this vulnerability by sending a crafted packet to the targeted device. An exploit could allow the attacker to view web pages that should have been restricted.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm
Security Impact Rating: Medium
CVE: CVE-2016-6464
Categories: Security Alerts

Cisco Prime Collaboration Assurance Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface.

The vulnerability is due to insufficient input validation of some parameters that are passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-pca A vulnerability in the web framework code of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface.

The vulnerability is due to insufficient input validation of some parameters that are passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-pca
Security Impact Rating: Medium
CVE: CVE-2016-9200
Categories: Security Alerts

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods. An attacker may be able to exploit this vulnerability by intercepting the user packets and injecting the malicious code.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise1 Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of some parameters passed via HTTP GET or POST methods. An attacker may be able to exploit this vulnerability by intercepting the user packets and injecting the malicious code.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise1
Security Impact Rating: Medium
CVE: CVE-2016-9214
Categories: Security Alerts

Cisco Identity Services Engine Active Directory Integration Component Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack.

The vulnerability is due to improper handling of Password Authentication Protocol (PAP) authentication requests when ISE is configured with an authorization policy based on Active Directory group membership. An attacker could exploit this vulnerability by crafting a special but formally correct PAP authentication request that will trigger the issue. An exploit could allow the attacker to cause all subsequent authentication requests for the same Active Directory domain to fail.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack.

The vulnerability is due to improper handling of Password Authentication Protocol (PAP) authentication requests when ISE is configured with an authorization policy based on Active Directory group membership. An attacker could exploit this vulnerability by crafting a special but formally correct PAP authentication request that will trigger the issue. An exploit could allow the attacker to cause all subsequent authentication requests for the same Active Directory domain to fail.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ise
Security Impact Rating: Medium
CVE: CVE-2016-9198
Categories: Security Alerts

Cisco IOS XR Software Default Credentials Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain complete control of the underlying operating system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-iosxr A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain complete control of the underlying operating system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-iosxr
Security Impact Rating: Medium
CVE: CVE-2016-9215
Categories: Security Alerts

Cisco IOS and Cisco IOS XE Software Zone-Based Firewall Feature Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration.

The vulnerability is due to a logic flaw in a corner case scenario. An attacker could exploit this vulnerability by sending traffic that would have been dropped by the policy.

In a Zone-Based Firewall setup, if only one zone pair is defined in the egress direction but there is no reverse zone pair defined in the opposite direction, return traffic should be dropped instead of allowed for traffic subject to the egress action of pass.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf A vulnerability in the Zone-Based Firewall feature of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to pass traffic that should otherwise have been dropped based on the configuration.

The vulnerability is due to a logic flaw in a corner case scenario. An attacker could exploit this vulnerability by sending traffic that would have been dropped by the policy.

In a Zone-Based Firewall setup, if only one zone pair is defined in the egress direction but there is no reverse zone pair defined in the opposite direction, return traffic should be dropped instead of allowed for traffic subject to the egress action of pass.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-zbf
Security Impact Rating: Medium
CVE: CVE-2016-9201
Categories: Security Alerts

Cisco IOS XR Software HTTP 2.0 Request Handling Event Service Daemon Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of HTTP requests. An attacker could exploit this vulnerability by sending malicious HTTP 2.0 requests to the targeted system. An exploit could allow the attacker to cause the emsd to crash.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr A vulnerability in the HTTP 2.0 request handling code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause the Event Management Service daemon (emsd) to crash, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of HTTP requests. An attacker could exploit this vulnerability by sending malicious HTTP 2.0 requests to the targeted system. An exploit could allow the attacker to cause the emsd to crash.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xr
Security Impact Rating: Medium
CVE: CVE-2016-9205
Categories: Security Alerts

Cisco IOS and IOS XE Software SSH X.509 Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system.

The vulnerability is due to improper validation of X.509 signatures during the SSH authentication phase. An attacker could exploit this vulnerability by presenting an invalid X.509 signature to an affected system. A successful exploit could allow the attacker to impersonate an existing valid user over an SSH connection.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xe-x509 A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system.

The vulnerability is due to improper validation of X.509 signatures during the SSH authentication phase. An attacker could exploit this vulnerability by presenting an invalid X.509 signature to an affected system. A successful exploit could allow the attacker to impersonate an existing valid user over an SSH connection.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios-xe-x509
Security Impact Rating: Medium
CVE: CVE-2016-6474
Categories: Security Alerts

Cisco IOS Frame Forwarding Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in Cisco IOS on Catalysts Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm.

The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop. An attacker could exploit this vulnerability by injecting the Layer 2 frame into the network segment. An exploit could allow the attacker to cause a Layer 2 network storm and impact the availability of the switches.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios A vulnerability in Cisco IOS on Catalysts Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm.

The vulnerability occurs because the software forwards Layer 2 frames that should be consumed by the first hop. An attacker could exploit this vulnerability by injecting the Layer 2 frame into the network segment. An exploit could allow the attacker to cause a Layer 2 network storm and impact the availability of the switches.

There are workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ios
Security Impact Rating: Medium
CVE: CVE-2016-6473
Categories: Security Alerts

Cisco Intercloud Fabric Director Static Credentials Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account.

The vulnerability is due to static credentials for an internal account. An attacker could exploit this vulnerability by using the static credentials for that account to connect to internal services. Note that this is a restricted account that is used to communicate between instances of ICF, and it does not provide GUI or shell access.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-icf A vulnerability in the Cisco Intercloud Fabric (ICF) Director could allow an unauthenticated, remote attacker to connect to internal services with an internal account.

The vulnerability is due to static credentials for an internal account. An attacker could exploit this vulnerability by using the static credentials for that account to connect to internal services. Note that this is a restricted account that is used to communicate between instances of ICF, and it does not provide GUI or shell access.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-icf
Security Impact Rating: Medium
CVE: CVE-2016-9204
Categories: Security Alerts

Cisco Hybrid Media Service Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level.

The vulnerability is due to incorrect installation and permissions settings on binary files during the Hybrid Media Service installation procedure. An attacker could exploit this vulnerability by logging in to the device and elevating privileges. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-hms A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level.

The vulnerability is due to incorrect installation and permissions settings on binary files during the Hybrid Media Service installation procedure. An attacker could exploit this vulnerability by logging in to the device and elevating privileges. A successful exploit could allow the attacker to acquire root-level privileges and take full control of the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-hms
Security Impact Rating: Medium
CVE: CVE-2016-6470
Categories: Security Alerts

Cisco FirePOWER Malware Protection Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked.

The vulnerability is due to out-of-order TCP segments (retransmissions out of the current window, which have already been acknowledged) not being properly processed before being passed to HTTP inspection, which for GZIP compressed streams causes GZIP decompression to fail. This results in an incorrect SHA-256 hash being calculated and potential malware not being detected. An attacker could exploit this vulnerability by tricking a user into downloading a file containing malware via HTTP from a specifically prepared server. An exploit could allow the attacker to bypass the malware protection provided by the FirePOWER system software.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked.

The vulnerability is due to out-of-order TCP segments (retransmissions out of the current window, which have already been acknowledged) not being properly processed before being passed to HTTP inspection, which for GZIP compressed streams causes GZIP decompression to fail. This results in an incorrect SHA-256 hash being calculated and potential malware not being detected. An attacker could exploit this vulnerability by tricking a user into downloading a file containing malware via HTTP from a specifically prepared server. An exploit could allow the attacker to bypass the malware protection provided by the FirePOWER system software.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fpwr
Security Impact Rating: Medium
CVE: CVE-2016-9209
Categories: Security Alerts

Cisco Firepower Management Center and Cisco FireSIGHT System Software Malicious Software Detection Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files. An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system.

The vulnerability is due to the incorrect handling of duplicate downloads of malware files. An attacker could exploit this vulnerability by sending an attempt to download a file that contains malware to an affected system. A successful exploit could allow the attacker to bypass malicious file detection or blocking policies that are configured for the system, which could allow malware to pass through the system undetected.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower
Security Impact Rating: Medium
CVE: CVE-2016-9193
Categories: Security Alerts

Cisco FireAMP Connector Endpoint Software Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available.

The vulnerability is due to lack of proper access controls when using systems utilities to troubleshoot certain system processes. An attacker could exploit this vulnerability by authenticating to the application and using the system utilities to stop certain FireAMP processes. An exploit could allow the attacker to stop certain FireAMP processes.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp A vulnerability in the system management of certain FireAMP system processes in Cisco FireAMP Connector Endpoint software could allow an authenticated, local attacker to stop certain protected FireAMP processes without requiring a password. Stopping certain critical processes could cause a denial of service (DoS) condition, and certain security features could no longer be available.

The vulnerability is due to lack of proper access controls when using systems utilities to troubleshoot certain system processes. An attacker could exploit this vulnerability by authenticating to the application and using the system utilities to stop certain FireAMP processes. An exploit could allow the attacker to stop certain FireAMP processes.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-fireamp
Security Impact Rating: Medium
CVE: CVE-2016-6449
Categories: Security Alerts

Cisco Expressway Series Software Security Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway.

The vulnerability is due to insufficient access control for TCP traffic passed through the Cisco Expressway. An attacker could exploit this vulnerability by sending a crafted URL through the Cisco Expressway. An exploit could allow the attacker to enumerate hosts and services of arbitrary hosts, as well as degrade performance through the Cisco Expressway.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-expressway A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. This does not allow for full traffic proxy through the Expressway.

The vulnerability is due to insufficient access control for TCP traffic passed through the Cisco Expressway. An attacker could exploit this vulnerability by sending a crafted URL through the Cisco Expressway. An exploit could allow the attacker to enumerate hosts and services of arbitrary hosts, as well as degrade performance through the Cisco Expressway.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-expressway
Security Impact Rating: Medium
CVE: CVE-2016-9207
Categories: Security Alerts

Cisco Email Security Appliance SMTP Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1 A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) Switches could allow an unauthenticated, remote attacker to conduct a persistent cross-site scripting (XSS) attack against a user of the affected interface on an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors and the OWASP reference page Cross-site Scripting (XSS).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa1
Security Impact Rating: Medium
CVE: CVE-2016-9202
Categories: Security Alerts

Cisco Email Security Appliance and Web Security Appliance Content Filter Bypass Vulnerability

Cisco Security Advisories - Wed, 2016-12-07 14:00
A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device.

The vulnerability is due to improper filtering of certain TAR format files that are attached to email messages. An attacker could exploit this vulnerability by sending an email message that has a crafted TAR file attachment through an affected device. A successful exploit could allow the attacker to bypass user filters that are configured for the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa A vulnerability in the content filtering functionality of Cisco AsyncOS Software for Cisco Email Security Appliances and Cisco Web Security Appliances could allow an unauthenticated, remote attacker to bypass user filters that are configured for an affected device.

The vulnerability is due to improper filtering of certain TAR format files that are attached to email messages. An attacker could exploit this vulnerability by sending an email message that has a crafted TAR file attachment through an affected device. A successful exploit could allow the attacker to bypass user filters that are configured for the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-esa
Security Impact Rating: Medium
CVE: CVE-2016-6465
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator - Security Alerts