Feed aggregator

Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges.

The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800 A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges.

The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ap1800
Security Impact Rating: Critical
CVE: CVE-2017-3831
Categories: Security Alerts

Cisco Web Security Appliance URL Filtering Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule.

The vulnerability is due to incomplete validation of the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to bypass a configured URL filter.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule.

The vulnerability is due to incomplete validation of the HTTP request. An attacker could exploit this vulnerability by sending a crafted HTTP request through the targeted device. An exploit could allow the attacker to bypass a configured URL filter.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wsa
Security Impact Rating: Medium
CVE: CVE-2017-3870
Categories: Security Alerts

Cisco WebEx Meetings Server XML External Entity Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system.

The vulnerability is due to improper handling of an XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted XML file to the affected system. A successful exploit could allow the attacker to have read access to part of the information stored in the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system.

The vulnerability is due to improper handling of an XML External Entity (XXE) when parsing an XML file. An attacker could exploit this vulnerability by sending a crafted XML file to the affected system. A successful exploit could allow the attacker to have read access to part of the information stored in the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms
Security Impact Rating: Medium
CVE: CVE-2017-3811
Categories: Security Alerts

Cisco Meshed Wireless LAN Controller Impersonation Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology.

The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system.

Cisco has released software updates that address this vulnerability. Note that additional configuration is needed in addition to upgrading to a fixed release. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh A vulnerability in the mesh code of Cisco Wireless LAN Controller (WLC) software could allow an unauthenticated, remote attacker to impersonate a WLC in a meshed topology.

The vulnerability is due to insufficient authentication of the parent access point in a mesh configuration. An attacker could exploit this vulnerability by forcing the target system to disconnect from the correct parent access point and reconnect to a rogue access point owned by the attacker. An exploit could allow the attacker to control the traffic flowing through the impacted access point or take full control of the target system.

Cisco has released software updates that address this vulnerability. Note that additional configuration is needed in addition to upgrading to a fixed release. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wlc-mesh
Security Impact Rating: High
CVE: CVE-2017-3854
Categories: Security Alerts

Cisco WebEx Meetings Server Authentication Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server.

The vulnerability is due to the presence of deprecated code within the Cisco WebEx Meetings Server. An attacker could exploit this vulnerability by spoofing a legitimate user. An exploit could allow the attacker to view limited meeting information for that user contained on the server.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server.

The vulnerability is due to the presence of deprecated code within the Cisco WebEx Meetings Server. An attacker could exploit this vulnerability by spoofing a legitimate user. An exploit could allow the attacker to view limited meeting information for that user contained on the server.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex
Security Impact Rating: Medium
CVE: CVE-2017-3880
Categories: Security Alerts

Cisco UCS Director Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucs
Security Impact Rating: Medium
CVE: CVE-2017-3868
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web interface of the affected software.

The vulnerability is due to insufficient CSRF protections implemented by the affected software. An attacker could exploit this vulnerability by persuading a user of the web interface to follow a malicious link. A successful exploit could allow the attacker to submit arbitrary requests to the affected software via the user's web browser and with the user's privileges.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2 A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web interface of the affected software.

The vulnerability is due to insufficient CSRF protections implemented by the affected software. An attacker could exploit this vulnerability by persuading a user of the web interface to follow a malicious link. A successful exploit could allow the attacker to submit arbitrary requests to the affected software via the user's web browser and with the user's privileges.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm2
Security Impact Rating: Medium
CVE: CVE-2017-3877
Categories: Security Alerts

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.

The vulnerability is due to insufficient validation of user-supplied input by the Cisco Unified CM User Options portal of the affected software. An attacker could exploit this vulnerability by persuading an authenticated user of the portal to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the portal.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1 A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack.

The vulnerability is due to insufficient validation of user-supplied input by the Cisco Unified CM User Options portal of the affected software. An attacker could exploit this vulnerability by persuading an authenticated user of the portal to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the portal.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm1
Security Impact Rating: Medium
CVE: CVE-2017-3874
Categories: Security Alerts

Cisco Unified Communications Manager Web Interface Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.

The vulnerability is due to a failure to properly call XSS filter subsystems when a URL contains a certain parameter. An attacker who can persuade an authenticated user of an affected device to follow an attacker-provided link or visit an attacker-controlled website could exploit this vulnerability to execute arbitrary code in the context of the affected site in the user's browser.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.

The vulnerability is due to a failure to properly call XSS filter subsystems when a URL contains a certain parameter. An attacker who can persuade an authenticated user of an affected device to follow an attacker-provided link or visit an attacker-controlled website could exploit this vulnerability to execute arbitrary code in the context of the affected site in the user's browser.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-ucm
Security Impact Rating: Medium
CVE: CVE-2017-3872
Categories: Security Alerts

Cisco TelePresence Server API Privilege Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints.

The vulnerability is due to how session identification information is maintained by a specific API of the affected software. An attacker could exploit this vulnerability by snooping temporary, unencrypted keys on an affected system. A successful exploit could allow the attacker to emulate a Cisco TelePresence Server endpoint.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps A vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints.

The vulnerability is due to how session identification information is maintained by a specific API of the affected software. An attacker could exploit this vulnerability by snooping temporary, unencrypted keys on an affected system. A successful exploit could allow the attacker to emulate a Cisco TelePresence Server endpoint.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tps
Security Impact Rating: Medium
CVE: CVE-2017-3815
Categories: Security Alerts

Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-tes
Security Impact Rating: High
CVE: CVE-2017-3846
Categories: Security Alerts

Cisco Prime Service Catalog Multiple Cross-Site Scripting Vulnerabilities

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web framework code of the Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc A vulnerability in the web framework code of the Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system.

The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting the malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-psc
Security Impact Rating: Medium
CVE: CVE-2017-3866
Categories: Security Alerts

Cisco Nexus 9000 Series Switches Remote Login Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt.

The vulnerability is due to improper handling of failed authentication during login. An attacker could exploit this vulnerability by attempting to log in remotely to the device. An exploit could allow the attacker to cause a login process to terminate unexpectedly.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1 A vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device. The attacker could use either a Telnet or an SSH client for the remote login attempt.

The vulnerability is due to improper handling of failed authentication during login. An attacker could exploit this vulnerability by attempting to log in remotely to the device. An exploit could allow the attacker to cause a login process to terminate unexpectedly.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss1
Security Impact Rating: Medium
CVE: CVE-2017-3879
Categories: Security Alerts

Cisco Nexus 9000 Series Switches Telnet Login Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device.

The vulnerability is due to incomplete input validation of Telnet packet headers. An attacker could exploit this vulnerability by sending a crafted Telnet packet to an affected system during a remote Telnet login attempt. A successful exploit could allow the attacker to cause the Telnet process on the affected system to restart unexpectedly, resulting in a denial of service (DoS) condition for the Telnet process.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss A vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user traffic flowing through the device.

The vulnerability is due to incomplete input validation of Telnet packet headers. An attacker could exploit this vulnerability by sending a crafted Telnet packet to an affected system during a remote Telnet login attempt. A successful exploit could allow the attacker to cause the Telnet process on the affected system to restart unexpectedly, resulting in a denial of service (DoS) condition for the Telnet process.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-nss
Security Impact Rating: Medium
CVE: CVE-2017-3878
Categories: Security Alerts

Cisco Prime Optical for Service Providers RADIUS Secret Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclosure sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device.

The vulnerability occurs because sensitive information is not obscured in the generated configuration files. An attacker could exploit this vulnerability by authenticating to the application and using the network management interface to generate configuration files. An exploit could allow the attacker to reveal sensitive information in the device configuration.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo A vulnerability in the web network management interface of Cisco Prime Optical for Service Providers could allow an authenticated, remote attacker to disclosure sensitive information in the configuration generated for a device. The attacker must have valid credentials for the device.

The vulnerability occurs because sensitive information is not obscured in the generated configuration files. An attacker could exploit this vulnerability by authenticating to the application and using the network management interface to generate configuration files. An exploit could allow the attacker to reveal sensitive information in the device configuration.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpo
Security Impact Rating: Medium
CVE: CVE-2017-3871
Categories: Security Alerts

Cisco Prime Infrastructure API Credentials Management Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials.

The vulnerability is due to a lack of proper role-based access control (RBAC) for certain APIs in the application. An attacker could exploit this vulnerability by authenticating to specific APIs as a low-privileged user. An exploit could allow the attacker to view or modify system configuration information. The API usage should be restricted based on the user's privilege level.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi A vulnerability in the APIs for Cisco Prime Infrastructure could allow an authenticated, remote attacker to access an API that should be restricted to a privileged user. The attacker needs to have valid credentials.

The vulnerability is due to a lack of proper role-based access control (RBAC) for certain APIs in the application. An attacker could exploit this vulnerability by authenticating to specific APIs as a low-privileged user. An exploit could allow the attacker to view or modify system configuration information. The API usage should be restricted based on the user's privilege level.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cpi
Security Impact Rating: Medium
CVE: CVE-2017-3869
Categories: Security Alerts

Cisco Nexus 7000 Series Switches Access-Control Filtering Mechanisms Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system.

The vulnerability is due to the device failing to inspect specific traffic when other ACL checking mechanisms are in place. An attacker could exploit this vulnerability by issuing crafted commands for which a particular ACL would not match defined traffic. An exploit could allow the attacker to bypass certain rulesets defined on a Network Time Protocol (NTP) ACL.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns A vulnerability in certain access-control filtering mechanisms on Cisco Nexus 7000 Series Switches could allow an unauthenticated, remote attacker to bypass defined traffic configured within an access control list (ACL) on the affected system.

The vulnerability is due to the device failing to inspect specific traffic when other ACL checking mechanisms are in place. An attacker could exploit this vulnerability by issuing crafted commands for which a particular ACL would not match defined traffic. An exploit could allow the attacker to bypass certain rulesets defined on a Network Time Protocol (NTP) ACL.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-cns
Security Impact Rating: Medium
CVE: CVE-2017-3875
Categories: Security Alerts

Cisco StarOS SSH Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.

The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router.

Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access.

The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router.

Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asr
Security Impact Rating: High
CVE: CVE-2017-3819
Categories: Security Alerts

Cisco Adaptive Security Appliance BGP Bidirectional Forwarding Detection ACL Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-03-15 14:00
A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic.

The vulnerability occurs because the BFD implementation incorrectly allows traffic with destination ports 3784 and 3785 through the interface ACLs. An attacker could exploit this vulnerability by sending TCP or UDP packets with a destination port of 3784 or 3785 through the ASA.

Workarounds that address this vulnerability are available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa A vulnerability in the Border Gateway Protocol (BGP) Bidirectional Forwarding Detection (BFD) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to bypass the access control list (ACL) for specific TCP and UDP traffic.

The vulnerability occurs because the BFD implementation incorrectly allows traffic with destination ports 3784 and 3785 through the interface ACLs. An attacker could exploit this vulnerability by sending TCP or UDP packets with a destination port of 3784 or 3785 through the ASA.

Workarounds that address this vulnerability are available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-asa
Security Impact Rating: Medium
CVE: CVE-2017-3867
Categories: Security Alerts

MS17-016 - Important: Security Update for Windows IIS (4013074) - Version: 1.0

Microsoft Comprehensive Security Alerts - Tue, 2017-03-14 10:00
Severity Rating: Important
Revision Note: V1.0 (March 14, 2017): Click here to enter text.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious application. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator