Feed aggregator

Cisco IOS XE Software for Cisco ASR 920 Series Routers Arbitrary Command Execution Vulnerability

Cisco Security Advisories - Wed, 2017-09-06 14:00
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.

The vulnerability is due to improper input validation of the platform usb modem command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the platform usb modem command in the CLI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-asr920-1 A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.

The vulnerability is due to improper input validation of the platform usb modem command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the platform usb modem command in the CLI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands on the underlying operating system of an affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-asr920-1
Security Impact Rating: Medium
CVE: CVE-2017-6796
Categories: Security Alerts

Cisco Meeting Server Command Injection and Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-23 14:00
A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials.

The vulnerability is due to insufficient validation of user-supplied input at the CLI for certain commands. An attacker could exploit this vulnerability by authenticating to the affected application and submitting a crafted CLI command for execution at the Cisco Meeting Server CLI. An exploit could allow the attacker to perform command injection and escalate their privilege level to root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170823-cms A vulnerability in the CLI command-parsing code of Cisco Meeting Server could allow an authenticated, local attacker to perform command injection and escalate their privileges to root. The attacker must first authenticate to the application with valid administrator credentials.

The vulnerability is due to insufficient validation of user-supplied input at the CLI for certain commands. An attacker could exploit this vulnerability by authenticating to the affected application and submitting a crafted CLI command for execution at the Cisco Meeting Server CLI. An exploit could allow the attacker to perform command injection and escalate their privilege level to root.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170823-cms
Security Impact Rating: Medium
CVE: CVE-2017-6794
Categories: Security Alerts

MS16-149 - Important: Security Update for Microsoft Windows (3205655) - Version: 1.1

Microsoft Comprehensive Security Alerts - Wed, 2017-08-23 10:00
Severity Rating: Important
Revision Note: V1.1 (August 23, 2017): Corrected the Updates Replaced for security update 3196726 to None. This is an informational change only. Customers who have already successfully installed the update do not need to take any further action.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow elevation of privilege if a locally authenticated attacker runs a specially crafted application.
Categories: Security Alerts

Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are higher or lower than what should have been granted. The attacker cannot gain root-level privileges.

The vulnerability is due to a limitation with how Role-Based Access Control (RBAC) grants privileges to remotely authenticated users when login occurs via SSH directly to the local management interface of the APIC. An attacker could exploit this vulnerability by authenticating to the targeted device. The attacker's privilege level will be modified to match that of the last user to log in via SSH. An exploit could allow the attacker to gain elevated privileges and perform CLI commands that should be restricted by the attacker's configured role.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1 A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are higher or lower than what should have been granted. The attacker cannot gain root-level privileges.

The vulnerability is due to a limitation with how Role-Based Access Control (RBAC) grants privileges to remotely authenticated users when login occurs via SSH directly to the local management interface of the APIC. An attacker could exploit this vulnerability by authenticating to the targeted device. The attacker's privilege level will be modified to match that of the last user to log in via SSH. An exploit could allow the attacker to gain elevated privileges and perform CLI commands that should be restricted by the attacker's configured role.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-apic1
Security Impact Rating: High
CVE: CVE-2017-6767
Categories: Security Alerts

Cisco TelePresence Video Communication Server Denial of Service Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance.

The vulnerability is due to excessive SIP traffic sent to the device. An attacker could exploit this vulnerability by transmitting large volumes of SIP traffic to the VCS. An exploit could allow the attacker to cause a complete DoS condition on the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-vcs A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance.

The vulnerability is due to excessive SIP traffic sent to the device. An attacker could exploit this vulnerability by transmitting large volumes of SIP traffic to the VCS. An exploit could allow the attacker to cause a complete DoS condition on the targeted system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-vcs
Security Impact Rating: Medium
CVE: CVE-2017-6790
Categories: Security Alerts

Cisco Ultra Services Platform Deployment Configuration Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information.

The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. An exploit could allow the attacker to view information regarding the Ultra Services Platform deployment.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usp A vulnerability in the Elastic Services Controller (ESC) web interface of the Cisco Ultra Services Platform could allow an authenticated, remote attacker to acquire sensitive information.

The vulnerability is due to the transmission of sensitive information as part of a GET request. An attacker could exploit this vulnerability by sending a GET request to a vulnerable device. An exploit could allow the attacker to view information regarding the Ultra Services Platform deployment.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usp
Security Impact Rating: Medium
CVE: CVE-2017-6778
Categories: Security Alerts

Cisco Ultra Services Framework AutoVNF Configuration Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to a specific URL of an affected device. An exploit could allow the attacker to view sensitive configuration information about the deployment.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf A vulnerability in the AutoVNF automation tool of the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to acquire sensitive information.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by browsing to a specific URL of an affected device. An exploit could allow the attacker to view sensitive configuration information about the deployment.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-usf
Security Impact Rating: Medium
CVE: CVE-2017-6771
Categories: Security Alerts

Cisco Unified Communications Manager Horizontal Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration.

The vulnerability is due to lack of proper Role Based Access Control (RBAC) when certain user configuration changes are requested. An attacker could exploit this vulnerability by sending an authenticated, crafted HTTP request to the targeted application. An exploit could allow the attacker to impact the integrity of the application where one user can modify the configuration of another user's information.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-ucm A vulnerability in configuration modification permissions validation for Cisco Unified Communications Manager could allow an authenticated, remote attacker to perform a horizontal privilege escalation where one user can modify another user's configuration.

The vulnerability is due to lack of proper Role Based Access Control (RBAC) when certain user configuration changes are requested. An attacker could exploit this vulnerability by sending an authenticated, crafted HTTP request to the targeted application. An exploit could allow the attacker to impact the integrity of the application where one user can modify the configuration of another user's information.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-ucm
Security Impact Rating: Medium
CVE: CVE-2017-6785
Categories: Security Alerts

Cisco StarOS for ASR 5000 Series Routers Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges.

The vulnerability is due to incorrect permissions that are given to a set of users. An attacker could exploit this vulnerability by logging in to the shell of an affected device and elevating their privileges by modifying environment variables. An exploit could allow the attacker to gain admin-level privileges and take control of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros3 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges.

The vulnerability is due to incorrect permissions that are given to a set of users. An attacker could exploit this vulnerability by logging in to the shell of an affected device and elevating their privileges by modifying environment variables. An exploit could allow the attacker to gain admin-level privileges and take control of the affected device.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros3
Security Impact Rating: Medium
CVE: CVE-2017-6775
Categories: Security Alerts

Cisco StarOS for ASR 5000 Series Routers FTP Configuration File Modification Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files.

The vulnerability is due to the inclusion of sensitive system files within specific FTP subdirectories. An attacker could exploit this vulnerability by overwriting sensitive configuration files through FTP. An exploit could allow the attacker to overwrite configuration files on an affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros2 A vulnerability in Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, remote attacker to overwrite or modify sensitive system files.

The vulnerability is due to the inclusion of sensitive system files within specific FTP subdirectories. An attacker could exploit this vulnerability by overwriting sensitive configuration files through FTP. An exploit could allow the attacker to overwrite configuration files on an affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros2
Security Impact Rating: Medium
CVE: CVE-2017-6774
Categories: Security Alerts

Cisco StarOS for ASR 5000 Series Routers Command-Line Interface Security Bypass Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system.

The vulnerability is due to insufficient input sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by crafting a script on the device that will allow them to bypass built-in restrictions. An exploit could allow the unauthorized user to launch the CLI directly from a command shell.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros1 A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system.

The vulnerability is due to insufficient input sanitization of user-supplied input at the CLI. An attacker could exploit this vulnerability by crafting a script on the device that will allow them to bypass built-in restrictions. An exploit could allow the unauthorized user to launch the CLI directly from a command shell.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-staros1
Security Impact Rating: Medium
CVE: CVE-2017-6773
Categories: Security Alerts

Cisco Elastic Services Controller Sensitive Log Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system.

The vulnerability is due to improper protection of sensitive log files. An attacker could exploit this vulnerability by logging in to an affected system and accessing unprotected log files. A successful exploit could allow the attacker to access sensitive log files, which may include system credentials, on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc4 A vulnerability in Cisco Elastic Services Controller could allow an authenticated, local, unprivileged attacker to access sensitive information, including credentials for system accounts, on an affected system.

The vulnerability is due to improper protection of sensitive log files. An attacker could exploit this vulnerability by logging in to an affected system and accessing unprotected log files. A successful exploit could allow the attacker to access sensitive log files, which may include system credentials, on the affected system.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc4
Security Impact Rating: Medium
CVE: CVE-2017-6786
Categories: Security Alerts

Cisco Elastic Services Controller Configuration Parameters Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information.

The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging into the ConfD server and executing certain commands. An exploit could allow an unprivileged user to view configuration parameters that can be maliciously used.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc3 A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to acquire sensitive system information.

The vulnerability is due to insufficient protection of sensitive files on the system. An attacker could exploit this vulnerability by logging into the ConfD server and executing certain commands. An exploit could allow an unprivileged user to view configuration parameters that can be maliciously used.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc3
Security Impact Rating: Medium
CVE: CVE-2017-6777
Categories: Security Alerts

Cisco Elastic Services Controller Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc2 A vulnerability in the web framework of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface.

The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by convincing a user to access a malicious link or by intercepting a user request and injecting malicious code into the request. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc2
Security Impact Rating: Medium
CVE: CVE-2017-6776
Categories: Security Alerts

Cisco Elastic Services Controller Configuration Files Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1 A vulnerability in Cisco Elastic Services Controller (ESC) could allow an authenticated, remote attacker to view sensitive information.

The vulnerability is due to insufficient protection of sensitive data. An attacker could exploit this vulnerability by authenticating to the application and navigating to certain configuration files. An exploit could allow the attacker to view sensitive system configuration files.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-esc1
Security Impact Rating: Medium
CVE: CVE-2017-6772
Categories: Security Alerts

Cisco Virtual Network Function Element Manager Arbitrary Command Execution Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server.

The vulnerability is due to command settings that allow Cisco VNF Element Manager users to specify arbitrary commands that will run as root on the server. An attacker could use this setting to elevate privileges and run commands in the context of the root user on the server.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-em A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server.

The vulnerability is due to command settings that allow Cisco VNF Element Manager users to specify arbitrary commands that will run as root on the server. An attacker could use this setting to elevate privileges and run commands in the context of the root user on the server.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-em
Security Impact Rating: High
CVE: CVE-2017-6710
Categories: Security Alerts

Cisco Security Appliances SNMP Polling Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user.

The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user.

The vulnerability occurs because the appliances do not protect confidential information at rest in response to Simple Network Management Protocol (SNMP) poll requests. An attacker could exploit this vulnerability by doing a crafted SNMP poll request to the targeted security appliance. An exploit could allow the attacker to discover confidential information that should be restricted, and the attacker could use this information to conduct additional reconnaissance. The attacker must know the configured SNMP community string to exploit this vulnerability.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-csa
Security Impact Rating: Medium
CVE: CVE-2017-6783
Categories: Security Alerts

Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to Cisco WebEx Meetings not sufficiently protecting sensitive data when responding to an HTTP request to the web interface. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to find sensitive information about the application.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks.

The vulnerability is due to Cisco WebEx Meetings not sufficiently protecting sensitive data when responding to an HTTP request to the web interface. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to find sensitive information about the application.

Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr
Security Impact Rating: Medium
CVE: CVE-2017-6784
Categories: Security Alerts

Cisco Policy Suite Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level.

The vulnerability is due to incorrect role-based access control (RBAC) for shell user accounts. An attacker could exploit this vulnerability by authenticating to an affected appliance and providing crafted user input via the CLI. A successful exploit could allow the attacker to acquire a higher privilege level than should have been granted.

To exploit this vulnerability, the attacker must log in to the appliance with valid credentials.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cps A vulnerability in the management of shell user accounts for Cisco Policy Suite (CPS) Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level.

The vulnerability is due to incorrect role-based access control (RBAC) for shell user accounts. An attacker could exploit this vulnerability by authenticating to an affected appliance and providing crafted user input via the CLI. A successful exploit could allow the attacker to acquire a higher privilege level than should have been granted.

To exploit this vulnerability, the attacker must log in to the appliance with valid credentials.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cps
Security Impact Rating: Medium
CVE: CVE-2017-6781
Categories: Security Alerts

Cisco Prime Infrastructure HTML Injection Vulnerability

Cisco Security Advisories - Wed, 2017-08-16 14:00
A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application.

The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code.

For additional information about HTML injection attacks and potential mitigation methods, see https://www.owasp.org/index.php/Testing_for_HTML_Injection_(OTG-CLIENT-003).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpi A vulnerability in the administrative web interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to modify a page in the web interface of the affected application.

The vulnerability is due to improper sanitization of parameter values by the affected application. An attacker could exploit this vulnerability by injecting malicious code into an affected parameter and persuading a user to access a web page that triggers the rendering of the injected code.

For additional information about HTML injection attacks and potential mitigation methods, see https://www.owasp.org/index.php/Testing_for_HTML_Injection_(OTG-CLIENT-003).

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-cpi
Security Impact Rating: Medium
CVE: CVE-2017-6782
Categories: Security Alerts

Pages

Subscribe to Willing Minds aggregator