Advisories: Cisco

This page shows the security advisories feed for Cisco products:

  • SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software
    The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp Security Impact Rating: High CVE: CVE-2017-6736,CVE-2017-6737,CVE-2017-6738,CVE-2017-6739,CVE-2017-6740,CVE-2017-6741,CVE-2017-6742,CVE-2017-6743,CVE-2017-6744
  • Cisco WebEx Browser Extension Remote Code Execution Vulnerability
    A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. Cisco has released software updates for Google Chrome and Mozilla Firefox that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a design defect in the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. Cisco has released software updates for Google Chrome and Mozilla Firefox that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170717-webex Security Impact Rating: Critical CVE: CVE-2017-6753
  • Cisco ASR 5000 Series Aggregation Services Routers GGSN Gateway Redirect Vulnerability
    A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. The vulnerability exists because the affected device does not sufficiently validate HTTP traffic that contains one or more packets with additional bytes at the end of the packet. An attacker could exploit this vulnerability by changing the properties of a payload in HTTP traffic that is sent to an affected device. A successful exploit could allow the attacker to pipeline requests through an affected device without verifying and accounting for the requests. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr A vulnerability in the gateway GPRS support node (GGSN) of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to redirect HTTP traffic sent to an affected device. The vulnerability exists because the affected device does not sufficiently validate HTTP traffic that contains one or more packets with additional bytes at the end of the packet. An attacker could exploit this vulnerability by changing the properties of a payload in HTTP traffic that is sent to an affected device. A successful exploit could allow the attacker to pipeline requests through an affected device without verifying and accounting for the requests. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr Security Impact Rating: Medium CVE: CVE-2017-6612
  • Cisco Web Security Appliance Administrative Interface Access Control Bypass Vulnerability
    A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device. The vulnerability exists because the affected software fails to deny traffic that is forwarded from the web proxy interface to the administrative management interface of a device. An attacker could exploit this vulnerability by sending a crafted stream of HTTP or HTTPS traffic to the web proxy interface of an affected device. A successful exploit could allow traffic to reach the administrative management interface of the affected device although the traffic should have been dropped. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device. The vulnerability exists because the affected software fails to deny traffic that is forwarded from the web proxy interface to the administrative management interface of a device. An attacker could exploit this vulnerability by sending a crafted stream of HTTP or HTTPS traffic to the web proxy interface of an affected device. A successful exploit could allow traffic to reach the administrative management interface of the affected device although the traffic should have been dropped. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 Security Impact Rating: Medium CVE: CVE-2017-6751
  • Cisco Web Security Appliance Static Credentials Vulnerability
    A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI. The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to view the system's serial number by using the CLI or to download reports by using the web interface. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI. The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to view the system's serial number by using the CLI or to download reports by using the web interface. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 Security Impact Rating: Medium CVE: CVE-2017-6750
  • Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability
    A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 Security Impact Rating: Medium CVE: CVE-2017-6749
  • Cisco Web Security Appliance Authenticated Command Injection and Privilege Escalation Vulnerability
    A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. The vulnerability is due to insufficient validation of user-supplied input in the CLI parser. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the CLI. An exploit could allow the attacker to escape from the CLI subshell and execute system-level commands on the underlying operating system as root. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. The vulnerability is due to insufficient validation of user-supplied input in the CLI parser. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the CLI. An exploit could allow the attacker to escape from the CLI subshell and execute system-level commands on the underlying operating system as root. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 Security Impact Rating: Medium CVE: CVE-2017-6748
  • Cisco Web Security Appliance Command Injection and Privilege Escalation Vulnerability
    A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the web interface. An exploit could allow the attacker to elevate privileges from administrator to root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa1 A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. The vulnerability is due to insufficient validation of user-supplied input on the web interface. An attacker could exploit this vulnerability by authenticating to the affected device and performing command injection over the web interface. An exploit could allow the attacker to elevate privileges from administrator to root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa1 Security Impact Rating: High CVE: CVE-2017-6746
  • Cisco Prime Collaboration Provisioning Tool Web Portal Cross-Site Scripting Vulnerability
    A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by sending malicious JavaScript code to the PCP administrative UI. A successful exploit could allow the attacker to perform actions as a higher-level administrator. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-pcpt A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning (PCP) Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by sending malicious JavaScript code to the PCP administrative UI. A successful exploit could allow the attacker to perform actions as a higher-level administrator. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-pcpt Security Impact Rating: Medium CVE: CVE-2017-6755
  • Cisco ASR 5000 Series Aggregation Services Routers Access Control List Security Bypass Vulnerability
    A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. The vulnerability exists because the affected device fails to inspect and match certain traffic that meets the criteria defined in ACL rules configured for the device. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to bypass certain sets of rules defined in ACLs for the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1 A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass ACL rules that have been configured for an affected device. The vulnerability exists because the affected device fails to inspect and match certain traffic that meets the criteria defined in ACL rules configured for the device. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to bypass certain sets of rules defined in ACLs for the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-asr1 Security Impact Rating: Medium CVE: CVE-2017-6672
  • Vulnerability in Samba Affecting Cisco Products: May 2017
    On May 24, 2017, the Samba team disclosed a vulnerability in Samba server software that could allow an authenticated attacker to execute arbitrary code remotely on a targeted system. This vulnerability has been assigned CVE ID CVE-2017-7494 This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170530-samba On May 24, 2017, the Samba team disclosed a vulnerability in Samba server software that could allow an authenticated attacker to execute arbitrary code remotely on a targeted system. This vulnerability has been assigned CVE ID CVE-2017-7494 This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170530-samba Security Impact Rating: High CVE: CVE-2017-7494
  • Cisco Prime Network Information Disclosure Vulnerability
    A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checking mechanisms in the system. An attacker could exploit this vulnerability by issuing specific, known commands after authenticating locally to the system via the CLI. A successful exploit could allow the attacker to view confidential information that should only be visible to authenticated users. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-cpn A vulnerability in the CLI of the Cisco Prime Network Gateway could allow an authenticated, local attacker to retrieve system process information, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checking mechanisms in the system. An attacker could exploit this vulnerability by issuing specific, known commands after authenticating locally to the system via the CLI. A successful exploit could allow the attacker to view confidential information that should only be visible to authenticated users. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-cpn Security Impact Rating: Medium CVE: CVE-2017-6726
  • Cisco Nexus Series Switches Telnet CLI Command Injection Vulnerability
    A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1 A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into the Telnet CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss1 Security Impact Rating: Medium CVE: CVE-2017-6650
  • Cisco Nexus Series Switches CLI Command Injection Vulnerability
    A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user’s privilege level outside of the user’s path. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-nss Security Impact Rating: Medium CVE: CVE-2017-6649
  • Cisco FireSIGHT System Software Arbitrary Code Execution Vulnerability
    A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. The vulnerability is due to improper handling of modified backup configuration files. An attacker could exploit this vulnerability by modifying certain components within the backup system files. An exploit could allow the attacker to run arbitrary code as a root user on the affected appliance. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-FireSIGHT A vulnerability in the backup and restore functionality of Cisco FireSIGHT System Software could allow an authenticated, local attacker to execute arbitrary code on a targeted system. The vulnerability is due to improper handling of modified backup configuration files. An attacker could exploit this vulnerability by modifying certain components within the backup system files. An exploit could allow the attacker to run arbitrary code as a root user on the affected appliance. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-FireSIGHT Security Impact Rating: Medium CVE: CVE-2017-6735
  • Cisco Wide Area Application Services Central Manager Information Disclosure Vulnerability
    A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system. The vulnerability is due to a processing error in how the affected software applies role-based access control (RBAC) to URLs. An attacker could exploit this vulnerability by conducting a brute-force attack or guessing the report ID of a completed report and sending a crafted HTTP GET request with the ID to an affected system. A successful exploit could allow the attacker to download any completed report that was previously scheduled by a WAAS administrator via the Reports Central area in the WAAS Central Manager GUI of the affected system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas1 A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system. The vulnerability is due to a processing error in how the affected software applies role-based access control (RBAC) to URLs. An attacker could exploit this vulnerability by conducting a brute-force attack or guessing the report ID of a completed report and sending a crafted HTTP GET request with the ID to an affected system. A successful exploit could allow the attacker to download any completed report that was previously scheduled by a WAAS administrator via the Reports Central area in the WAAS Central Manager GUI of the affected system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas1 Security Impact Rating: Medium CVE: CVE-2017-6730
  • Cisco Wide Area Application Services Core Dump Denial of Service Vulnerability
    A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly. The vulnerability is due to incomplete input validation of an SMB Create Request packet. An attacker could exploit this vulnerability by sending a specially crafted Create Request packet to an affected device. An exploit could allow an attacker to cause a process to reload unexpectedly and cause a DoS condition. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly. The vulnerability is due to incomplete input validation of an SMB Create Request packet. An attacker could exploit this vulnerability by sending a specially crafted Create Request packet to an affected device. An exploit could allow an attacker to cause a process to reload unexpectedly and cause a DoS condition. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas Security Impact Rating: Medium CVE: CVE-2017-6727
  • Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability
    A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability by crafting CLI command inputs to execute Linux shell commands as the root user. An exploit could allow the attacker to execute arbitrary shell commands as the Linux root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf3 A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could allow an unauthenticated, remote attacker to execute arbitrary shell commands as the Linux root user. The vulnerability is due to improper shell invocations. An attacker could exploit this vulnerability by crafting CLI command inputs to execute Linux shell commands as the root user. An exploit could allow the attacker to execute arbitrary shell commands as the Linux root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf3 Security Impact Rating: Critical CVE: CVE-2017-6714
  • Cisco Ultra Services Framework AutoVNF Log File User Credential Information Disclosure Vulnerability
    A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (ESC) and Cisco OpenStack deployments in an affected system. The vulnerability exists because the affected software logs administrative credentials in clear text for Cisco ESC and Cisco OpenStack deployment purposes. An attacker could exploit this vulnerability by accessing the AutoVNF URL for the location where the log files are stored and subsequently accessing the administrative credentials that are stored in clear text in those log files. A successful exploit could allow the attacker to access the administrative credentials for Cisco ESC and Cisco OpenStack deployments in the affected system, which the attacker could use to conduct additional attacks. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf2 A vulnerability in the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to access administrative credentials for Cisco Elastic Services Controller (ESC) and Cisco OpenStack deployments in an affected system. The vulnerability exists because the affected software logs administrative credentials in clear text for Cisco ESC and Cisco OpenStack deployment purposes. An attacker could exploit this vulnerability by accessing the AutoVNF URL for the location where the log files are stored and subsequently accessing the administrative credentials that are stored in clear text in those log files. A successful exploit could allow the attacker to access the administrative credentials for Cisco ESC and Cisco OpenStack deployments in the affected system, which the attacker could use to conduct additional attacks. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf2 Security Impact Rating: High CVE: CVE-2017-6709
  • Cisco Ultra Services Framework AutoVNF Symbolic Link Handling Information Disclosure Vulnerability
    A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of validation checks for the input that is used to create symbolic links. A successful exploit could allow the attacker to read any sensitive file or execute malicious code on an affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf1 A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the Cisco Ultra Services Framework could allow an unauthenticated, remote attacker to read sensitive files or execute malicious code on an affected system. The vulnerability is due to the absence of validation checks for the input that is used to create symbolic links. A successful exploit could allow the attacker to read any sensitive file or execute malicious code on an affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-usf1 Security Impact Rating: High CVE: CVE-2017-6708
  • More...

Leave a Reply

Your email address will not be published. Required fields are marked *