Feed aggregator

Cisco 5000 Series Enterprise Network Compute System and Cisco UCS E-Series Servers BIOS Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2018-06-20 14:00

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user.

The vulnerability is due to improper security restrictions that are imposed by the affected system. An attacker could exploit this vulnerability by submitting an empty password value to an affected device's BIOS authentication prompt. An exploit could allow the attacker to have access to a restricted set of user-level BIOS commands.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-encs-ucs-bios-auth-bypass


Security Impact Rating: Medium
CVE: CVE-2018-0362
Categories: Security Alerts

Cisco Meeting Server Session Fixation Vulnerability

Cisco Security Advisories - Wed, 2018-06-20 14:00

A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid user session identifier.

The vulnerability exists because the affected application does not assign a new session identifier to a user session when a user authenticates to the application. An attacker could exploit this vulnerability by using a hijacked session identifier to connect to the application through the web-based management interface. A successful exploit could allow the attacker to hijack an authenticated user's browser session.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180620-cms-sf


Security Impact Rating: Medium
CVE: CVE-2018-0359
Categories: Security Alerts

Cisco AnyConnect Secure Mobility Client Certificate Bypass Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading certain configuration files.

The vulnerability is due to improper use of Simple Certificate Enrollment Protocol and improper server certificate validation. An attacker could exploit this vulnerability by preparing malicious profile and localization files for Cisco AnyConnect to use. A successful exploit could allow the attacker to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-AnyConnect-cert-bypass


Security Impact Rating: Medium
CVE: CVE-2018-0334
Categories: Security Alerts

Cisco Web Security Appliance Layer 4 Traffic Monitor Security Bypass Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections.

The vulnerability is due to a change in the underlying operating system software that is responsible for monitoring affected traffic. An attacker could exploit this vulnerability by sending crafted IP packets to an affected device. A successful exploit could allow the attacker to pass traffic through the device, which the WSA was configured to deny. This vulnerability affects both IPv4 and IPv6 traffic.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-wsa
Security Impact Rating: High
CVE: CVE-2018-0353
Categories: Security Alerts

Cisco WebEx Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user’s browser in the context of an affected site.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-webex-xss1


Security Impact Rating: Medium
CVE: CVE-2018-0357
Categories: Security Alerts

Cisco WebEx Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system.

The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user’s browser in the context of an affected site.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-webex-xss


Security Impact Rating: Medium
CVE: CVE-2018-0356
Categories: Security Alerts

Cisco Wide Area Application Services Software Static SNMP Credentials Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP.

The vulnerability is due to a hard-coded, read-only community string in the configuration file for the SNMP daemon. An attacker could exploit this vulnerability by using the static community string in SNMP version 2c queries to an affected device. A successful exploit could allow the attacker to read any data that is accessible via SNMP on the affected device.

Note: The static credentials are defined in an internal configuration file and are not visible in the current operation configuration ('running-config') or the startup configuration ('startup-config').

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-waas-snmp


Security Impact Rating: Medium
CVE: CVE-2018-0329
Categories: Security Alerts

Cisco Wide Area Application Services Software Disk Check Tool Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the device.

The vulnerability is due to insufficient validation of script files executed in the context of the Disk Check Tool. An attacker could exploit this vulnerability by replacing one script file with a malicious script file while the affected tool is running. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-waas-priv-escalation


Security Impact Rating: Medium
CVE: CVE-2018-0352
Categories: Security Alerts

Cisco Integrated Management Controller Supervisor and Cisco UCS Director DOM Stored Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00
A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software could allow an authenticated, remote attacker to conduct a Document Object Model-based (DOM-based), stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or allow the attacker to access sensitive browser-based information on the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ucsdimcs
Security Impact Rating: Medium
CVE: CVE-2018-0149
Categories: Security Alerts

Cisco Unified Computing System Role-Based Access Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system.

The vulnerability exists because the affected software lacks proper input and validation checks for certain file systems. An attacker could exploit this vulnerability by issuing crafted commands in the CLI of an affected system. A successful exploit could allow the attacker to cause other users to execute unwanted arbitrary commands on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ucs-access


Security Impact Rating: Medium
CVE: CVE-2018-0338
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of certain parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting certain malicious code. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-ucm-xss


Security Impact Rating: Medium
CVE: CVE-2018-0340
Categories: Security Alerts

Cisco Prime Collaboration Provisioning SQL Injection Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries.

The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-sql


Security Impact Rating: High
CVE: CVE-2018-0320
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Unauthenticated Remote Method Invocation Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system.

The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) service. An attacker could exploit this vulnerability by accessing the open RMI system on an affected PCP instance. An exploit could allow the attacker to perform malicious actions that affect PCP and the devices that are connected to it.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-rmi


Security Impact Rating: Critical
CVE: CVE-2018-0321
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Unauthorized Password Reset Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.

The vulnerability is due to insufficient validation of a password reset request. An attacker could exploit this vulnerability by submitting a password reset request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-password-reset


Security Impact Rating: High
CVE: CVE-2018-0318
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Unauthorized Password Recovery Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.

The vulnerability is due to insufficient validation of a password recovery request. An attacker could exploit this vulnerability by submitting a password recovery request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-password-recovery


Security Impact Rating: High
CVE: CVE-2018-0319
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Access Control Deficiency in Batch Function Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level.

The vulnerability is due to insufficient authorization enforcement on batch processing. An attacker could exploit this vulnerability by uploading a batch file and having the batch file processed by the system. A successful exploit could allow the attacker to escalate privileges to the Administrator level.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-escalation


Security Impact Rating: Medium
CVE: CVE-2018-0336
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Access Control Bypass Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges.

The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnerability by modifying an access request. An exploit could allow the attacker to promote their account to any role defined on the system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-bypass


Security Impact Rating: High
CVE: CVE-2018-0317
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Access Control Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device.

The vulnerability is due to a failure to enforce access restrictions on the Help Desk and User Provisioning roles that are assigned to authenticated users. This failure could allow an authenticated attacker to modify critical attributes of higher-privileged accounts on the device. A successful exploit could allow the attacker to gain elevated privileges on the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-prime-access


Security Impact Rating: High
CVE: CVE-2018-0322
Categories: Security Alerts

Cisco Network Services Orchestrator Arbitrary Command Execution Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00

A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-nso


Security Impact Rating: High
CVE: CVE-2018-0274
Categories: Security Alerts

Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Session Initiation Protocol Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2018-06-06 14:00
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.

The vulnerability exists because the firmware of an affected phone incorrectly handles errors that could occur when an incoming phone call is not answered. An attacker could exploit this vulnerability by sending a set of maliciously crafted SIP packets to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-multiplatform-sip
Security Impact Rating: High
CVE: CVE-2018-0316
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator