Cisco

Cisco HyperFlex Software Counter Value Injection Vulnerability

A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to inject arbitrary values on an affected device.

The vulnerability is due to insufficient authentication for the statistics collection service. An attacker could exploit this vulnerability by sending properly formatted data values to the statistics collection service of an affected device. A successful exploit could allow the attacker to cause the web interface statistics view to present invalid data to users.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190918-hyperflex-valinj


Security Impact Rating: Medium
CVE: CVE-2019-12620
Categories: Cisco

Cisco HyperFlex Software Cross-Frame Scripting Vulnerability

A vulnerability in the web-based interface of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack on an affected device.

This vulnerability is due to insufficient HTML iframe protection. An attacker could exploit this vulnerability by directing a user to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct clickjacking or other clientside browser attacks.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190918-hyperflex-xfs


Security Impact Rating: Medium
CVE: CVE-2019-1975
Categories: Cisco

Cisco Identity Services Engine Privilege Escalation Vulnerability

A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device.

The vulnerability is due to improper controls on certain pages in the web interface. An attacker could exploit this vulnerability by authenticating to the device with an administrator account and sending a crafted HTTP request. A successful exploit could allow the attacker to create additional Admin accounts with different user roles. An attacker could then use these accounts to perform actions within their scope. The attacker would need valid Admin credentials for the device. This vulnerability cannot be exploited to add a Super Admin account.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege


Security Impact Rating: High
CVE: CVE-2018-15459
Categories: Cisco

Cisco Products IPv6 Neighbor Discovery Crafted Packet Denial of Service Vulnerability

Cisco Security Advisories - Mon, 09/16/2019 - 10:48pm
A vulnerability in the IP Version 6 (IPv6) packet processing functions of multiple Cisco products could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device.

The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery (ND) packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device.

This vulnerability is not Cisco specific: any IPv6 processing unit not capable of dropping such packets early in the processing path or in hardware is affected by this vulnerability.

Cisco will release software updates that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160525-ipv6
Security Impact Rating: High
CVE: CVE-2016-1409
Categories: Cisco

Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system.

The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf


Security Impact Rating: Medium
CVE: CVE-2019-12632
Categories: Cisco

Cisco Webex Teams Logging Feature Command Execution Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm
A vulnerability in the Cisco Webex Teams client for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected system.

This vulnerability is due to improper restrictions on software logging features used by the application on Windows operating systems. An attacker could exploit this vulnerability by convincing a targeted user to visit a website designed to submit malicious input to the affected application. A successful exploit could allow the attacker to cause the application to modify files and execute arbitrary commands on the system with the privileges of the targeted user.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-webex-teams


Security Impact Rating: High
CVE: CVE-2019-1939
Categories: Cisco

Cisco Unified Contact Center Express Request Processing Server-Side Request Forgery Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system.

The vulnerability is due to improper validation of user-supplied input on the affected system. An attacker could exploit this vulnerability by sending the user of the web application a crafted request. If the request is processed, the attacker could access the system and perform unauthorized actions.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-unified-ccx-ssrf


Security Impact Rating: Medium
CVE: CVE-2019-12633
Categories: Cisco

Cisco Content Security Management Appliance Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in the authorization module of Cisco Content Security Management Appliance (SMA) Software could allow an authenticated, remote attacker to gain out-of-scope access to email.

The vulnerability exists because the affected software does not correctly implement role permission controls. An attacker could exploit this vulnerability by using a custom role with specific permissions. A successful exploit could allow the attacker to access the spam quarantine of other users.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-sma-info-dis


Security Impact Rating: Medium
CVE: CVE-2019-12635
Categories: Cisco

Multiple Issues in Cisco Small Business RV160, 260, and 340 Series VPN Routers

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

SEC Consult, a consulting firm for the areas of cyber and application security, contacted the Cisco Product Security Incident Response Team (PSIRT) to report the following issues found in firmware images for Cisco RV340 Dual WAN Gigabit VPN Routers:

  • Undocumented user accounts
  • Hardcoded password hashes
  • Unneeded software packages
  • Multiple vulnerabilities in third-party software (TPS) components

Cisco PSIRT investigated each issue, and the following are the investigation results:

Undocumented User Accounts

An attacker with access to the base operating system of the Cisco Small Business RV160, 260, and 340 Series VPN Router software may view undocumented user accounts on an affected device. These accounts include debug-admin and root accounts. Cisco has removed these accounts from the Cisco Small Business RV160, 260, and 340 Series VPN Routers software starting with the releases listed later in this advisory.

Hardcoded Password Hashes

Cisco Small Business RV160, 260, and 340 Series VPN Router firmware has hardcoded password hashes for the users rootdebug-admincisco, admin, and guest. An attacker with access to the base operating system of an affected device could attempt to exploit this issue to elevate privileges to these users.

Unneeded Software Packages

Cisco Small Business RV160, 260, and 340 Series VPN Routers contain GNU Debugger and tcpdump software packages. The tcpdump package will remain on future software releases for Cisco RV340 Series Router software, but Cisco has removed the tcpdump package in the Cisco RV160 and RV260 Series Router software starting with the releases listed later in this advisory. Cisco has removed the GNU Debugger package from the Cisco RV160, 260, and 340 Series Router software starting with the releases listed later in this advisory.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-sb-vpnrouter


Security Impact Rating: Informational
Categories: Cisco

Cisco Jabber Client Framework for Mac Code Execution Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Software, installed as part of the Cisco Jabber for Mac client, could allow an authenticated, local attacker to execute arbitrary code on an affected device

The vulnerability is due to improper file level permissions on an affected device when it is running Cisco JCF for Mac Software. An attacker could exploit this vulnerability by authenticating to the affected device and executing arbitrary code or potentially modifying certain configuration files. A successful exploit could allow the attacker to execute arbitrary code or modify certain configuration files on the device using the privileges of the installed Cisco JCF for Mac Software.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-jcf-codex


Security Impact Rating: Medium
CVE: CVE-2019-12645
Categories: Cisco

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

The vulnerability exists because the web-based management interface of the affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-ise-xss


Security Impact Rating: Medium
CVE: CVE-2019-12644
Categories: Cisco

Cisco Industrial Network Director Configuration Data Information Disclosure Vulnerability

Cisco Security Advisories - Wed, 09/04/2019 - 7:00pm

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network Director (IND) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.

The vulnerability is due to improper access restrictions on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to access running configuration information about devices managed by the IND, including administrative credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-ind


Security Impact Rating: High
CVE: CVE-2019-1976
Categories: Cisco

Cisco Secure Boot Hardware Tampering Vulnerability

Cisco Security Advisories - Tue, 09/03/2019 - 8:17pm

A vulnerability in the logic that handles access control to one of the hardware components in Cisco's proprietary Secure Boot implementation could allow an authenticated, local attacker to write a modified firmware image to the component. This vulnerability affects multiple Cisco products that support hardware-based Secure Boot functionality.

The vulnerability is due to an improper check on the area of code that manages on-premise updates to a Field Programmable Gate Array (FPGA) part of the Secure Boot hardware implementation. An attacker with elevated privileges and access to the underlying operating system that is running on the affected device could exploit this vulnerability by writing a modified firmware image to the FPGA. A successful exploit could either cause the device to become unusable (and require a hardware replacement) or allow tampering with the Secure Boot verification process, which under some circumstances may allow the attacker to install and boot a malicious software image.

Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190513-secureboot


Security Impact Rating: High
CVE: CVE-2019-1649
Categories: Cisco

Cisco Firepower 4100 and 9300 Security Appliance Local Management Filtering Bypass Vulnerability

Cisco Security Advisories - Fri, 08/30/2019 - 6:17pm
A vulnerability in the process for creating default IP blocks during device initialization for Cisco Firepower 4100 Series and Firepower 9300 Security Appliances running Cisco FXOS Software could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to deny local IP management traffic.

The vulnerability is due to an implementation error that exists in the process for creating default IP blocks when the device is initialized, and the way in which those IP blocks interact with user-configured filters for local IP management traffic (for example, SSH to the device). An attacker could exploit this vulnerability by sending traffic to the local IP address of the targeted device. A successful exploit could allow the attacker to connect to the local IP address of the device even when there are filters configured to deny the traffic.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-firepower1
Security Impact Rating: Medium
CVE: CVE-2017-12299
Categories: Cisco

Cisco Adaptive Security Appliance Smart Tunnel Vulnerabilities

Cisco Security Advisories - Thu, 08/29/2019 - 4:00pm

Multiple vulnerabilities in the smart tunnel functionality of Cisco Adaptive Security Appliance (ASA) could allow an authenticated, local attacker to elevate privileges to the root user or load a malicious library file while the tunnel is being established.

For more information about these vulnerabilities, see the Details section of this security advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-asa-multi


Security Impact Rating: Medium
CVE: CVE-2019-1944,CVE-2019-1945
Categories: Cisco

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

Cisco Security Advisories - Wed, 08/28/2019 - 7:00pm

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High
CVE: CVE-2019-1963
Categories: Cisco

Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 08/28/2019 - 7:00pm

A vulnerability in a specific CLI command within the local management (local-mgmt) context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device.

The vulnerability is due to extraneous subcommand options present for a specific CLI command within the local-mgmt context. An attacker could exploit this vulnerability by authenticating to an affected device, entering the local-mgmt context, and issuing a specific CLI command and submitting user input. A successful exploit could allow the attacker to execute arbitrary operating system commands as root on an affected device. The attacker would need to have valid user credentials for the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-ucs-privescalation

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High
CVE: CVE-2019-1966
Categories: Cisco

Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability

Cisco Security Advisories - Wed, 08/28/2019 - 7:00pm

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.

The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass


Security Impact Rating: Medium
CVE: CVE-2019-1969
Categories: Cisco

Cisco NX-OS Software Network Time Protocol Denial of Service Vulnerability

Cisco Security Advisories - Wed, 08/28/2019 - 7:00pm

A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability is due to excessive use of system resources when the affected device is logging a drop action for received MODE_PRIVATE (Mode 7) NTP packets. An attacker could exploit this vulnerability by flooding the device with a steady stream of Mode 7 NTP packets. A successful exploit could allow the attacker to cause high CPU and memory usage on the affected device, which could cause internal system processes to restart or cause the affected device to unexpectedly reload.

Note: The NTP feature is enabled by default.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-ntp-dos


Security Impact Rating: Medium
CVE: CVE-2019-1967
Categories: Cisco

Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability

Cisco Security Advisories - Wed, 08/28/2019 - 7:00pm

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that overtime can deplete system memory. When there is no system memory available, this can cause unexpected system behaviors and crashes.

The vulnerability is due to the VSH process not being properly deleted when a remote management connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly performing a remote management connection to the device and terminating the connection in an unexpected manner. A successful exploit could allow the attacker to cause the VSH processes to fail to delete, which can lead to a system-wide denial of service (DoS) condition. The attacker must have valid user credentials to log in to the device using the remote management connection.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-memleak-dos

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High
CVE: CVE-2019-1965
Categories: Cisco

Pages