Cisco Security Advisories

Cisco Prime Collaboration Provisioning Tool Arbitrary File Download Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem.

The vulnerability is due to insufficient input validation. An exploit could allow the attacker to download arbitrary files from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp2 A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an authenticated, remote attacker to perform arbitrary file downloads that could allow the attacker to read files from the underlying filesystem.

The vulnerability is due to insufficient input validation. An exploit could allow the attacker to download arbitrary files from the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp2
Security Impact Rating: Medium
CVE: CVE-2017-6704
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool Session Hijacking Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session.

The vulnerability is due to insufficient session management during user authentication. An attacker could exploit this vulnerability by performing a session fixation attack against the web application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1 A vulnerability in the web application in the Cisco Prime Collaboration Provisioning tool could allow an unauthenticated, remote attacker to hijack another user's session.

The vulnerability is due to insufficient session management during user authentication. An attacker could exploit this vulnerability by performing a session fixation attack against the web application.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-pcp1
Security Impact Rating: Medium
CVE: CVE-2017-6703
Categories: Security Alerts

Cisco Identity Services Engine Reflected Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations is available at the following links:

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ise1 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflective cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Additional information about XSS attacks and potential mitigations is available at the following links:

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ise1
Security Impact Rating: Medium
CVE: CVE-2017-6605
Categories: Security Alerts

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient sanitization of user-supplied data that is written to log files and displayed in certain web pages of the web interface of an affected device. An attacker could exploit this vulnerability by successfully registering to a device and injecting script code as part of a user-supplied value during the registration process. An attacker could convince an administrator to visit an affected page or view an affected log file to exploit the vulnerability. The injected script code would be executed in the affected user's browser within the security context of the affected device.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ise A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient sanitization of user-supplied data that is written to log files and displayed in certain web pages of the web interface of an affected device. An attacker could exploit this vulnerability by successfully registering to a device and injecting script code as part of a user-supplied value during the registration process. An attacker could convince an administrator to visit an affected page or view an affected log file to exploit the vulnerability. The injected script code would be executed in the affected user's browser within the security context of the affected device.

For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ise
Security Impact Rating: Medium
CVE: CVE-2017-6701
Categories: Security Alerts

Cisco IOS XR Software Privilege Escalation Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level.

The vulnerability is due to incorrect permission settings on binary files in the affected software. An attacker could exploit this vulnerability by sending crafted commands to the affected device. An exploit could allow the attacker to overwrite binaries on the filesystem and elevate privileges to root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios1 A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges to the root level.

The vulnerability is due to incorrect permission settings on binary files in the affected software. An attacker could exploit this vulnerability by sending crafted commands to the affected device. An exploit could allow the attacker to overwrite binaries on the filesystem and elevate privileges to root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios1
Security Impact Rating: Medium
CVE: CVE-2017-6718
Categories: Security Alerts

Cisco IOS XR Software Local Command Injection Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to a command in a specific group. A successful exploit could allow the attacker to execute arbitrary commands on the affected system with root privileges.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with root privileges.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to a command in a specific group. A successful exploit could allow the attacker to execute arbitrary commands on the affected system with root privileges.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios
Security Impact Rating: Medium
CVE: CVE-2017-6719
Categories: Security Alerts

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability exists because the affected software fails to perform sufficient validation and sanitization of user-supplied input when the software processes crafted URLs. An authenticated, remote attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fpmc A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability exists because the affected software fails to perform sufficient validation and sanitization of user-supplied input when the software processes crafted URLs. An authenticated, remote attacker could exploit this vulnerability by persuading a user to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fpmc
Security Impact Rating: Medium
CVE: CVE-2017-6717
Categories: Security Alerts

Cisco Firepower Management Center Stored Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fmc2 A vulnerability in the web framework code of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fmc2
Security Impact Rating: Medium
CVE: CVE-2017-6716
Categories: Security Alerts

Cisco Firepower Management Center Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fmc1 A vulnerability in the web framework of Cisco Firepower Management Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability occurs because the affected software fails to perform sufficient validation and sanitization of user-supplied input when processing crafted URLs. An authenticated, remote attacker could exploit the vulnerability by convincing a user to follow a malicious link. Successful exploitation could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-fmc1
Security Impact Rating: Medium
CVE: CVE-2017-6715
Categories: Security Alerts

Cisco SocialMiner Cross-Site Scripting Vulnerability

Wed, 2017-06-21 14:00
A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by convincing a user to follow a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-csm A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by convincing a user to follow a malicious link. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-csm
Security Impact Rating: Medium
CVE: CVE-2017-6702
Categories: Security Alerts

Cisco AnyConnect Local Privilege Escalation Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account.

The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. The attacker would need valid user credentials to exploit this vulnerability.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-anyconnect A vulnerability in how DLL files are loaded with Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and run an executable file with privileges equivalent to the Microsoft Windows SYSTEM account.

The vulnerability is due to incomplete input validation of path and file names of a DLL file before it is loaded. An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific system directory. A successful exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. The attacker would need valid user credentials to exploit this vulnerability.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-anyconnect
Security Impact Rating: High
CVE: CVE-2017-6638
Categories: Security Alerts

Cisco Ultra Services Platform Information Disclosure Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information.

The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging in to the ConfD server. An exploit could allow an unprivileged user to access and view sensitive information in the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2 A vulnerability in the ConfD server in Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive information.

The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging in to the ConfD server. An exploit could allow an unprivileged user to access and view sensitive information in the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp2
Security Impact Rating: Medium
CVE: CVE-2017-6695
Categories: Security Alerts

Cisco Ultra Services Platform Plaintext Credential Logging Information Disclosure Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data on an affected system.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration logs. An exploit could allow the attacker to discover sensitive data, which could be used to conduct further attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp1 A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra Services Platform could allow an authenticated, local attacker to view sensitive data on an affected system.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration logs. An exploit could allow the attacker to discover sensitive data, which could be used to conduct further attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usp1
Security Impact Rating: Medium
CVE: CVE-2017-6694
Categories: Security Alerts

Cisco Ultra Services Framework Element Manager Insecure Default Account Information Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain control of the underlying operating system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker to log in to the device with the privileges of the root user.

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain control of the underlying operating system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf6
Security Impact Rating: Medium
CVE: CVE-2017-6692
Categories: Security Alerts

Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system.

The vulnerability is due to weak, hard-coded credentials present on the affected device. An exploit could allow an attacker with access to the management network to log in to the affected device using default credentials present on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system.

The vulnerability is due to weak, hard-coded credentials present on the affected device. An exploit could allow an attacker with access to the management network to log in to the affected device using default credentials present on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5
Security Impact Rating: Medium
CVE: CVE-2017-6687
Categories: Security Alerts

Cisco Ultra Services Framework Element Manager Insecure Default Credentials Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device.

The vulnerability is due to weak, hard-coded credentials of the admin and oper user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin or oper user of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4 A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device.

The vulnerability is due to weak, hard-coded credentials of the admin and oper user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin or oper user of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4
Security Impact Rating: Medium
CVE: CVE-2017-6686
Categories: Security Alerts

Cisco Ultra Services Framework Staging Server Insecure Default Credentials Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device.

The vulnerability is due to weak, hard-coded credentials of the admin user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin user of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3 A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device.

The vulnerability is due to weak, hard-coded credentials of the admin user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin user of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3
Security Impact Rating: Medium
CVE: CVE-2017-6685
Categories: Security Alerts

Cisco Ultra Services Framework AutoVNF VNFStagingView Information Disclosure Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system.

The vulnerability is due to insufficient sanity checks against crafted URL requests. An attacker could exploit this vulnerability by crafting a URL request against an affected device. An exploit could allow the attacker to execute a relative path traversal attack, enabling the attacker to read sensitive files on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2 A vulnerability in the AutoVNF VNFStagingView class of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to execute a relative path traversal attack, enabling an attacker to read sensitive files on the system.

The vulnerability is due to insufficient sanity checks against crafted URL requests. An attacker could exploit this vulnerability by crafting a URL request against an affected device. An exploit could allow the attacker to execute a relative path traversal attack, enabling the attacker to read sensitive files on the system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf2
Security Impact Rating: Medium
CVE: CVE-2017-6681
Categories: Security Alerts

Cisco Ultra Services Framework AutoVNF Arbitrary Direction Creation Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system.

The vulnerability is due to insufficient checks when creating directories on the system. An attacker could exploit this vulnerability by creating arbitrary directories as root on the system and potentially impacting the behavior of other daemons and deleting important log data. An exploit could allow the attacker to create arbitrary directories on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf1 A vulnerability in the AutoVNF logging function of Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to create arbitrary directories on the affected system.

The vulnerability is due to insufficient checks when creating directories on the system. An attacker could exploit this vulnerability by creating arbitrary directories as root on the system and potentially impacting the behavior of other daemons and deleting important log data. An exploit could allow the attacker to create arbitrary directories on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf1
Security Impact Rating: Medium
CVE: CVE-2017-6680
Categories: Security Alerts

Cisco TelePresence Endpoint Denial of Service Vulnerability

Wed, 2017-06-07 14:00
A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.

The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition.

The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-tele
Security Impact Rating: High
CVE: CVE-2017-6648
Categories: Security Alerts

Pages