Showing posts with label cisco. Show all posts
Showing posts with label cisco. Show all posts

Ajay Verma , , , , 02:18
Severity Rating: HIGH
Component Affected 
•MDS 9100 Series Multilayer Fabric Switches
•MDS 9250i Multiservice Fabric Switches
•MDS 9300 Series Multilayer Fabric Switches.

Overview 
Vulnerability has been reported in the resource handling system of Cisco
NX-OS Software for Cisco MDS 9000 Series Multilayer Switches which could
allow an unauthenticated, remote attacker to cause a denial of service
(DoS) condition on an affected device. 
Description
A Vulnerability exists in the resource handling system of Cisco NX-OS
Software for Cisco MDS 9000 Series Multilayer Switches  due to improper
resource usage control that could allow the attacker to cause a denial of
service (DoS) condition. An attacker could exploit this vulnerability by
sending traffic to the management interface (mgmt0) of an affected device
at very high rates and this  could allow the attacker to cause unexpected
behaviors such as high CPU usage, process crashes, or even full system
reboots of an affected device. 

Successful exploitation of this vulnerability could allow the attacker to
cause a denial of service (DoS) condition. 

Solution
Apply appropriate updates as mentioned in: 
- -sa-20200226-mds-ovrld-dos

Vendor Information
CISCO
- -sa-20200226-mds-ovrld-dos

References
CISCO
- -sa-20200226-mds-ovrld-dos
CVE Name
CVE-2020-3175
Read more [..]

Ajay Verma , , , , 02:16
Severity Rating: HIGH
Software Affected 
•Cisco ASA Software or FTD Software.

Overview 
Vulnerability has been reported in the web services interface of Cisco
Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat
Defense (FTD) Software which could allow an unauthenticated, remote
attacker to conduct directory traversal attacks and obtain read and delete
access to sensitive files on a targeted system. 

Description
A Vulnerability exists inthe web services interface of Cisco Adaptive
Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
Software due to a lack of proper input validation of the HTTP URL that
could allow the attacker to access sensitive files on a targeted system. An
attacker could exploit this vulnerability by sending a crafted HTTP request
containing directory traversal character sequences and allow the attacker
to view or delete arbitrary files on the targeted system. The file system
is enabled when the affected device is configured with either WebVPN or
AnyConnect features. When the device is reloaded after exploitation of this
vulnerability, any files that were deleted are restored. 

Successful exploitation of this vulnerability could allow the attacker to 
obtain read and delete access to sensitive files on a targeted system. 

Solution
Apply appropriate updates as mentioned in: 
- -sa-asaftd-path-JE3azWw43

Vendor Information
CISCO
- -sa-asaftd-path-JE3azWw43

References
CISCO
- -sa-asaftd-path-JE3azWw43

CVE Name
CVE-2020-3187
Read more [..]

Ajay Verma , , , , 02:14
Severity Rating: HIGH
Software Affected 
•Cisco ASA Software or FTD Software.
Overview 
Vulnerability has been reported in the web services interface of Cisco
Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat
Defense (FTD) Software which could allow an unauthenticated, remote
attacker to retrieve memory contents on an affected device, which could
lead to the disclosure of confidential information. 

Description
A Vulnerability exists in the web services interface of Cisco Adaptive
Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
Software due to a buffer tracking issue when the software parses invalid
URLs that are requested from the web services interface that could allow
the attacker to disclose the confidential information. An attacker could
exploit this vulnerability by sending a crafted  GET request to the web
services interface. 

Successful exploitation of this vulnerability could allow the attacker to
retrieve memory contents, which could lead to the disclosure of
confidential information. 

Solution
Apply appropriate updates as mentioned in: 
- -sa-asaftd-info-disclose-9eJtycMB

Vendor Information
CISCO
- -sa-asaftd-info-disclose-9eJtycMB

References
CISCO
- -sa-asaftd-info-disclose-9eJtycMB

CVE Name
CVE-2020-3259
Read more [..]

Ajay Verma , , , , , 01:49
Severity Rating: HIGH
Software Affected
Cisco Prime Network Registrar
Cisco NX-OS Software
Cisco Unified CCX software
Overview
Multiple Vulnerabilities have been reported in the DHCP server of Cisco
Prime Network Registrar, Cisco NX-OS Software for Cisco MDS 9000 Series
Multilayer Switches & Cisco Unified Contact Center Express which could be
exploited by an attacker to execute arbitrary code on a targeted system.
Description
1. Vulnerability in the DHCP server of Cisco Prime Network Registrar (
CVE-2020-3272   ) 

This Vulnerability exists in the DHCP server of Cisco Prime Network
Registrar due to insufficient input validation of incoming DHCP traffic
that could allow the attacker to cause a denial of service (DoS) condition.
An attacker could exploit this vulnerability by sending a crafted DHCP
request to an affected device.
Successful exploitation of this vulnerability could allow the attacker to
cause a restart of the DHCP server process, causing a denial of service
(DoS) condition. 

2. Vulnerability in the Cisco MDS 9000 Series Switches ( CVE-2020-3175   ) 

This Vulnerability exists in the resource handling system of Cisco NX-OS
Software for Cisco MDS 9000 Series Multilayer Switches due to improper
resource usage control that could allow the attacker to cause unexpected
behaviors such as high CPU usage, process crashes, or even full system
reboots of an affected device. An attacker could exploit this vulnerability
by sending traffic to the management interface (mgmt0) of an affected
device at very high rates.
Successful exploitation of this vulnerability could allow the attacker to
cause a denial of service (DoS) condition. 

3. Remote Code Execution Vulnerability in Cisco Unified Contact Center
Express ( CVE-2020-3280   ) 

This Vulnerability exists in the Java Remote Management Interface of Cisco
Unified Contact Center Express due to insecure deserialization of
user-supplied content by the affected software that could allow the
attacker to execute arbitrary code. An attacker could exploit this
vulnerability by sending a malicious serialized Java object to a specific
listener on an affected system.
Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code as the root user on an affected device.

Solution
Apply appopriate updates as mentioned in: 
- -sa-cpnr-dhcp-dos-BkEZfhLP

- -sa-20200226-mds-ovrld-dos

- -sa-uccx-rce-GMSC6RKN

Vendor Information
CISCO
- -sa-cpnr-dhcp-dos-BkEZfhLP
- -sa-20200226-mds-ovrld-dos
- -sa-uccx-rce-GMSC6RKN

References
CISCO
- -sa-cpnr-dhcp-dos-BkEZfhLP
- -sa-20200226-mds-ovrld-dos
- -sa-uccx-rce-GMSC6RKN

CVE Name
CVE-2020-3272
CVE-2020-3175
CVE-2020-3280
Read more [..]

Ajay Verma , , , , 01:47
Severity Rating: HIGH

Software Affected 
•Cisco FTD Software 6.2.3.12, 6.2.3.13, 6.2.3.14, and 6.2.3.15.

Overview 
Vulnerability has been reported in the VPN System Logging functionality for
Cisco Firepower Threat Defense (FTD) Software which could allow an
unauthenticated, remote attacker to cause a memory leak that can deplete
system memory over time, which can cause unexpected system behaviors or
device crashes. 

Description
A Vulnerability exists in the VPN System Logging functionality for Cisco
Firepower Threat Defense (FTD) Software due to the system memory not being
properly freed for a VPN System Logging event generated when a VPN session
is created or deleted that could allow the attacker to cause system memory
depletion. An attacker could exploit this vulnerability by repeatedly
creating or deleting a VPN tunnel connection, which could leak a small
amount of system memory for each logging event. 

Successful exploitation of this vulnerability could allow the attacker to
cause system memory depletion, which can lead to a system wide denial of
service (DoS) condition. 

Solution
Apply appropriate updates as mentioned in: 
- -sa-ftd-dos-Rdpe34sd8

Vendor Information
CISCO
- -sa-ftd-dos-Rdpe34sd8

References
CISCO
- -sa-ftd-dos-Rdpe34sd8

CVE Name
CVE-2020-3189

Read more [..]

Ajay Verma , , , 01:38
Severity Rating: High
Software Affected
·          Cisco NX-OS Software.

Overview
Vulnerability has been reported in the network stack of Cisco NX-OS
Software  which could allow an unauthenticated, remote attacker to bypass
certain security boundaries or cause a denial of service (DoS) condition on
an affected device.

Description
  IP Packet Processing Vulnerability
A Vulnerability exists in the network stack of Cisco NX-OS Software due to
the affected device unexpectedly decapsulating and processing IP in IP
packets that are destined to a locally configured IP address that could
allow the attacker to route arbitrary traffic via an exposed network
interface and lead to spoofing, access control bypass, and other unexpected
network behaviors, which could cause a denial of service (DoS) condition.
An attacker could exploit this vulnerability by sending a crafted IP in IP
packet to an affected device.
Successful exploitation of this vulnerability could allow the attacker to
cause the affected device to unexpectedly decapsulate the IP in IP packet
and forward the inner IP packet. This may result in IP packets bypassing
input access control lists (ACLs) configured on the affected device or
other security boundaries defined elsewhere in the network and this could
leads to the network stack process to crash and restart multiple times,
leading to a reload of the affected device and a denial of service(DoS)
condition.

Solution
Apply appropriate updates as mentioned in:
- -sa-nxos-ipip-dos-kCT9X4

Vendor Information
CISCO

- -sa-nxos-ipip-dos-kCT9X4
Reference
CISCO
- -sa-nxos-ipip-dos-kCT9X4
CVE Name
(CVE-2020-10136)
Read more [..]
Subscribe to: Posts ( Atom )

© Copyright 2020. Designed By Templateify

© Copyright 2020. Ud64

Scroll to Top