Cisco Security Advisories

Cisco Prime Home Authentication Bypass Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges.
 
The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges.
 
The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-prime-home
Security Impact Rating: Critical
CVE: CVE-2017-3791
Categories: Security Alerts

Cisco Firepower Device Manager Arbitrary Audit Log Entry Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log.

The vulnerability is due to inadequate input validation. An attacker could exploit this vulnerability by entering crafted requests through the web UI. An exploit could allow the attacker to obfuscate the audit log by adding false entries.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2 A vulnerability in the logging subsystem of the Cisco Firepower Threat Defense (FTD) Firepower Device Manager (FDM) could allow an unauthenticated, remote attacker to add arbitrary entries to the audit log.

The vulnerability is due to inadequate input validation. An attacker could exploit this vulnerability by entering crafted requests through the web UI. An exploit could allow the attacker to obfuscate the audit log by adding false entries.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw2
Security Impact Rating: Medium
CVE: CVE-2017-3822
Categories: Security Alerts

Cisco Firepower URL Bypass Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content.

The vulnerability is due to insufficient input validation checks within the system's access control rule criteria. An attacker could exploit this vulnerability by adding malicious text to the end of a URL string. An exploit could allow the attacker to bypass configured blocked websites. 

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw1 A vulnerability in Cisco Firepower System Software could allow an unauthenticated, remote attacker to maliciously bypass the appliance's ability to block certain web content.

The vulnerability is due to insufficient input validation checks within the system's access control rule criteria. An attacker could exploit this vulnerability by adding malicious text to the end of a URL string. An exploit could allow the attacker to bypass configured blocked websites. 

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw1
Security Impact Rating: Medium
CVE: CVE-2017-3814
Categories: Security Alerts

Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Command Shell Injection Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device.

The vulnerability is due to insufficient input validation of user-controlled input parameters entered at the CLI. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input parameters to certain commands. A successful exploit could allow an authenticated attacker to execute arbitrary shell commands on the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device.

The vulnerability is due to insufficient input validation of user-controlled input parameters entered at the CLI. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input parameters to certain commands. A successful exploit could allow an authenticated attacker to execute arbitrary shell commands on the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fpw
Security Impact Rating: Medium
CVE: CVE-2017-3806
Categories: Security Alerts

Cisco Firepower Management Center Incomplete Rule Set Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base.

The vulnerability is due to a lack of condition checks in the rules engine. An attacker could exploit this vulnerability by spoofing certain Object IDs of Port objects. An exploit could allow the attacker to push an incomplete rule set.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fmc A vulnerability in the Policy deployment module of the Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to prevent deployment of a complete and accurate rule base.

The vulnerability is due to a lack of condition checks in the rules engine. An attacker could exploit this vulnerability by spoofing certain Object IDs of Port objects. An exploit could allow the attacker to push an incomplete rule set.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-fmc
Security Impact Rating: Medium
CVE: CVE-2017-3809
Categories: Security Alerts

Cisco Email Security Appliance Malformed MIME Header Filtering Bypass Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass configured user filters to drop the email. The malformed MIME headers may not be RFC compliant. However, some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-esa1 A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device.

The vulnerability is due to improper error handling of a malformed MIME header in an email attachment. An attacker could exploit this vulnerability by sending an email with a crafted MIME attachment. For example, a successful exploit could allow the attacker to bypass configured user filters to drop the email. The malformed MIME headers may not be RFC compliant. However, some mail clients could still allow users to access the attachment, which may not have been properly filtered by the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-esa1
Security Impact Rating: Medium
CVE: CVE-2017-3818
Categories: Security Alerts

Cisco cBR Series Converged Broadband Routers List Headers Denial of Service Vulnerability

Wed, 2017-02-01 14:00
A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to memory corruption. An attacker could exploit this vulnerability by sending crafted PacketCable Multimedia (PCMM) packets to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to memory corruption. An attacker could exploit this vulnerability by sending crafted PacketCable Multimedia (PCMM) packets to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr
Security Impact Rating: Medium
CVE: CVE-2017-3824
Categories: Security Alerts

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January 2017

Mon, 2017-01-30 19:28
On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016. OpenSSL classifies all the new vulnerabilities as “Moderate Severity.”

The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.

Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl On January 26, 2017, the OpenSSL Software Foundation released a security advisory that included three new vulnerabilities. The foundation also released one vulnerability that was already disclosed in the OpenSSL advisory for November 2016 and included in the Cisco Security Advisory Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: November 2016. OpenSSL classifies all the new vulnerabilities as “Moderate Severity.”

The first vulnerability affects only OpenSSL used on 32-bit systems architecture and may cause OpenSSL to crash. The second vulnerability affects only version 1.1.0 and occurs only when OpenSSL is used on the client side. The second vulnerability may cause OpenSSL to crash when connecting to a malicious server. The third vulnerability affects only systems based on x86_64 architecture. A successful exploit of the third vulnerability could allow the attacker to access sensitive private key information.

Multiple Cisco products incorporate a version of the OpenSSL package that is affected by one or more of these vulnerabilities.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl
Security Impact Rating: Medium
CVE: CVE-2017-3730,CVE-2017-3731,CVE-2017-3732
Categories: Security Alerts

Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability

Wed, 2017-01-25 14:00
A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition.

Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas A vulnerability in the data plane IP fragment handler of the Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of IP fragments. An attacker could exploit this vulnerability by sending crafted fragmented IP traffic across the CX module. An exploit could allow the attacker to exhaust free packet buffers in shared memory (SHM), causing the CX module to be unable to process further traffic, resulting in a DoS condition.

Cisco has not released and will not release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-cas
Security Impact Rating: High
CVE: CVE-2016-9225
Categories: Security Alerts

Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability

Wed, 2017-01-25 14:00
A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system.

Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-telepresence A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system.

Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-telepresence
Security Impact Rating: Critical
CVE: CVE-2017-3792
Categories: Security Alerts

Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability

Wed, 2017-01-25 14:00
A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-expressway A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170125-expressway
Security Impact Rating: High
CVE: CVE-2017-3790
Categories: Security Alerts

Cisco WebEx Browser Extension Remote Code Execution Vulnerability

Tue, 2017-01-24 16:30
A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks.

Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks.

Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex
Security Impact Rating: Critical
CVE: CVE-2017-3823
Categories: Security Alerts

Cisco ASR 5000 Software ipsecmgr Process IKE Packet Parsing Denial of Service Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an authenticated, remote attacker to cause the ipsecmgr process to reload.

The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed IKE packets to the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr A vulnerability in the ipsecmgr process of Cisco ASR 5000 Software could allow an authenticated, remote attacker to cause the ipsecmgr process to reload.

The vulnerability is due to a logical error while parsing IKE packets. An attacker could exploit this vulnerability by submitting malformed IKE packets to the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-asr
Security Impact Rating: Medium
CVE: CVE-2016-9216
Categories: Security Alerts

Cisco WebEx Meeting Center Site Redirection Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in a URL parameter of Cisco WebEx could allow an unauthenticated, remote attacker to perform site redirection.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including a remote site URL in the affected parameter of the Cisco WebEx URL. An exploit could allow the attacker to redirect a user to a malicious website.

To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms4 A vulnerability in a URL parameter of Cisco WebEx could allow an unauthenticated, remote attacker to perform site redirection.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including a remote site URL in the affected parameter of the Cisco WebEx URL. An exploit could allow the attacker to redirect a user to a malicious website.

To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms4
Security Impact Rating: Medium
CVE: CVE-2017-3799
Categories: Security Alerts

Cisco WebEx Meetings Server Information Disclosure Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server.
 
The vulnerability is due to insufficient masking of sensitive data in the HTTP response. An attacker could exploit this vulnerability by issuing specific HTTP requests. An exploit could allow the attacker to view the fully qualified domain name of the server.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms3 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server.
 
The vulnerability is due to insufficient masking of sensitive data in the HTTP response. An attacker could exploit this vulnerability by issuing specific HTTP requests. An exploit could allow the attacker to view the fully qualified domain name of the server.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms3
Security Impact Rating: Medium
CVE: CVE-2017-3797
Categories: Security Alerts

Cisco WebEx Meetings Server Command Bypass Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts.

The vulnerability is due to insufficient security configurations of bash in interactive mode. An attacker could exploit this vulnerability by connecting to a host as root and then connecting to another host via SSH and issuing predetermined shell commands. A successful exploit could allow an attacker to execute commands as root on any other Cisco WebEx Meeting Server host.

Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms2 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts.

The vulnerability is due to insufficient security configurations of bash in interactive mode. An attacker could exploit this vulnerability by connecting to a host as root and then connecting to another host via SSH and issuing predetermined shell commands. A successful exploit could allow an attacker to execute commands as root on any other Cisco WebEx Meeting Server host.

Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms2
Security Impact Rating: Medium
CVE: CVE-2017-3796
Categories: Security Alerts

Cisco WebEx Meetings Server Arbitrary Password Change Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user.

The vulnerability is due to insufficient parameter string security. An attacker could exploit this vulnerability by creating a password-protected meeting and utilizing system-provided parameters to change a non-administrative user password. A successful exploit could allow an attacker to change the password of a targeted user.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user.

The vulnerability is due to insufficient parameter string security. An attacker could exploit this vulnerability by creating a password-protected meeting and utilizing system-provided parameters to change a non-administrative user password. A successful exploit could allow an attacker to change the password of a targeted user.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1
Security Impact Rating: Medium
CVE: CVE-2017-3795
Categories: Security Alerts

Cisco WebEx Meetings Server Cross-Site Request Forgery Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user.

The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing the user of the affected system to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow an attacker to submit arbitrary requests to the affected device via the Administration pages with the privileges of the user.


Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user.

The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing the user of the affected system to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow an attacker to submit arbitrary requests to the affected device via the Administration pages with the privileges of the user.


Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms
Security Impact Rating: Medium
CVE: CVE-2017-3794
Categories: Security Alerts

Cisco NetFlow Generation Appliance Cross-Site Scripting Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nga A vulnerability in the web-based management interface of Cisco NetFlow Generation Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nga
Security Impact Rating: Medium
CVE: CVE-2016-9222
Categories: Security Alerts

Cisco Nexus 5000, 6000, and 7000 Series Switches Software IS-IS Packet Processing Denial of Service Vulnerability

Wed, 2017-01-18 14:00
A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device.

The vulnerability is due to improper processing of crafted IS-IS protocol packets. An attacker could exploit this vulnerability by sending a crafted IS-IS protocol packet over an established adjacency. An exploit could allow the attacker to cause a reload of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nexus A vulnerability in Intermediate System-to-Intermediate System (IS-IS) protocol packet processing of Cisco Nexus 5000, 6000, and 7000 Series Switches software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device.

The vulnerability is due to improper processing of crafted IS-IS protocol packets. An attacker could exploit this vulnerability by sending a crafted IS-IS protocol packet over an established adjacency. An exploit could allow the attacker to cause a reload of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-nexus
Security Impact Rating: Medium
CVE: CVE-2017-3804
Categories: Security Alerts

Pages