Feed aggregator

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

The vulnerability is due to insufficient CSRF protections on the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise4
Security Impact Rating: Medium
CVE: CVE-2018-0215
Categories: Security Alerts

Cisco Identity Services Engine Local Command Injection Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with the privileges of the local user. These commands should have been restricted from this user.

The vulnerability is due to insufficient input validation of CLI command user input. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a CLI command with crafted user input. A successful exploit could allow the attacker to execute arbitrary commands on the affected system that should be restricted. The attacker would need to have valid user credentials for the device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise3
Security Impact Rating: Medium
CVE: CVE-2018-0214
Categories: Security Alerts

Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain elevated privileges.

The vulnerability is due to a lack of proper input validation. An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to gain elevated privileges to access functionality that should be restricted. The attacker must have valid user credentials to the device to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise2
Security Impact Rating: Medium
CVE: CVE-2018-0213
Categories: Security Alerts

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise1
Security Impact Rating: Medium
CVE: CVE-2018-0212
Categories: Security Alerts

Cisco Identity Services Engine Authenticated CLI Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover.

The vulnerability is due to lack of proper input validation of the CLI user input for certain CLI commands. An attacker could exploit this vulnerability by authenticating to the device and issuing a crafted, malicious CLI command on the targeted device. A successful exploit could allow the attacker to cause a DoS condition. The attacker must have valid administrative privileges on the device to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise
Security Impact Rating: Medium
CVE: CVE-2018-0211
Categories: Security Alerts

Cisco Data Center Network Manager Cross-Site Request Forgery Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

The vulnerability is due to insufficient CSRF protections on the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-dcnm
Security Impact Rating: Medium
CVE: CVE-2018-0210
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Hard-Coded Password Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software could allow an unauthenticated, local attacker to log in to the underlying Linux operating system.

The vulnerability is due to a hard-coded account password on the system. An attacker could exploit this vulnerability by connecting to the affected system via Secure Shell (SSH) using the hard-coded credentials. A successful exploit could allow the attacker to access the underlying operating system as a low-privileged user. After low-level privileges are gained, the attacker could elevate to root privileges and take full control of the device.

Note: Although this vulnerability has a Common Vulnerability Scoring System (CVSS) Base score of 5.9, which is normally assigned a Security Impact Rating (SIR) of Medium, there are extenuating circumstances that allow an attacker to elevate privileges to root. For these reasons, the SIR has been set to Critical.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-cpcp
Security Impact Rating: Critical
CVE: CVE-2018-0141
Categories: Security Alerts

Cisco Secure Access Control System Java Deserialization Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device.

The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2
Security Impact Rating: Critical
CVE: CVE-2018-0147
Categories: Security Alerts

Cisco Secure Access Control Server XML External Entity Injection Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system.

The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1
Security Impact Rating: Medium
CVE: CVE-2018-0218
Categories: Security Alerts

Cisco Secure Access Control Server XML External Entity Injection Vulnerability

Cisco Security Advisories - Wed, 2018-03-07 14:00
A vulnerability in the web-based user interface of the Cisco Secure Access Control Server could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system.

The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs
Security Impact Rating: Medium
CVE: CVE-2018-0207
Categories: Security Alerts

Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability

Cisco Security Advisories - Tue, 2018-03-06 10:47
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.

The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors:
  • The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and
  • The incorrect processing of malformed CMP-specific Telnet options.
An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
Security Impact Rating: Critical
CVE: CVE-2017-3881
Categories: Security Alerts

Cisco IOS and IOS XE Software Crafted Network Time Protocol Packets Denial of Service Vulnerability

Cisco Security Advisories - Tue, 2018-02-27 10:37
A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160804-wedge
Security Impact Rating: High
CVE: CVE-2016-1478
Categories: Security Alerts

Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers

Cisco Security Advisories - Fri, 2018-02-23 15:52
Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers (ASR), Cisco 4400 Series Integrated Services Routers (ISR), and Cisco Cloud Services Routers (CSR) 1000v Series contains the following vulnerabilities:
  • Cisco IOS XE Software Fragmented Packet Denial of Service Vulnerability
  • Cisco IOS XE Software Crafted TCP Packet Remote Code Execution Vulnerability
  • Cisco IOS XE Software Crafted IPv6 Packet Denial of Service Vulnerability
  • Cisco IOS XE Software Layer 4 Redirect Crafted Packet Denial of Service Vulnerability
  • Cisco IOS XE Software Common Flow Table Crafted Packet Denial of Service Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Successful exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to trigger a reload of the forwarding plane, causing an interruption of services. Repeated exploitation could result in a sustained denial of service (DoS) condition.

Successful exploitation of Cisco IOS XE Software Crafted TCP Packet Remote Code Execution Vulnerability could allow an unauthenticated remote attacker to execute malicious code on the affected device.

Cisco has released software updates that address these vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe

Note: The March 25, 2015, Cisco IOS & XE Software Security Advisory bundled publication includes seven Cisco Security Advisories. The advisories address vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. Individual publication links are in Cisco Event Response: Semiannual Cisco IOS & XE Software Security Advisory Bundled Publication at the following link:

http://www.cisco.com/web/about/security/intelligence/Cisco_ERP_mar15.html


Security Impact Rating: High
CVE: CVE-2015-0639,CVE-2015-0640,CVE-2015-0641,CVE-2015-0644,CVE-2015-0645
Categories: Security Alerts

Cisco Unity Connection Mail Relay Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages.

The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted requests to the targeted application. A successful exploit could allow the attacker to send email messages to arbitrary addresses.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cuc
Security Impact Rating: Medium
CVE: CVE-2018-0203
Categories: Security Alerts

Cisco UCS Director and Cisco Integrated Management Controller Supervisor Cross-Site Request Forgery Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (IMC) Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system.

The vulnerability is due to insufficient CSRF protection by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, via the user's web browser and with the user's privileges, on an affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucsd
Security Impact Rating: Medium
CVE: CVE-2018-0148
Categories: Security Alerts

Cisco Unified Communications Manager Reflected Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a link that submits malicious input to the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucm
Security Impact Rating: Medium
CVE: CVE-2018-0206
Categories: Security Alerts

Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code.

The vulnerability is due to insecure key generation during application configuration. An attacker could exploit this vulnerability by using a known insecure key value to bypass security protections by sending arbitrary requests using the insecure key to a targeted application. An exploit could allow the attacker to execute arbitrary code.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucdm
Security Impact Rating: Critical
CVE: CVE-2018-0124
Categories: Security Alerts

Cisco Prime Service Catalog Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface of an affected product.

The vulnerability is due to insufficient validation of user-supplied input by the web-based interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-psc
Security Impact Rating: Medium
CVE: CVE-2018-0200
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack.

The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by placing a malicious string in the Prime Collaboration Provisioning database. A successful exploit could allow the attacker to access Cisco Prime Collaboration Provisioning by injecting crafted data into the database.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt1
Security Impact Rating: Medium
CVE: CVE-2018-0205
Categories: Security Alerts

Cisco Prime Collaboration Provisioning Tool Web Portal Repeated Bad Login Attempts Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2018-02-21 14:00
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users.

The vulnerability is due to weak login controls. An attacker could exploit this vulnerability by using a brute-force attack. A successful exploit could allow the attacker to restrict user access. Manual administrative intervention is required to restore access.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt
Security Impact Rating: Medium
CVE: CVE-2018-0204
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator