Pierluigi Paganini
September 06, 2018
Cisco released thirty security patch advisory to address a total of 32 security vulnerabilities in its products.
The good news is that the tech giant is not aware of any exploitation of the addressed vulnerabilities in attacks in the wild.
Three flaws are rated as critical, one of them is the recently discovered CVE-2018-11776 Apache Struts remote code execution vulnerability.
The other critical issues addressed by Cisco are the Cisco Umbrella API Unauthorized Access Vulnerability (CVE-2018-0435) and the Cisco RV110W, RV130W, and RV215W Routers Management Interface Buffer Overflow Vulnerability (CVE-2018-0423).
The “critical” flaw CVE-2018-0435 affects Cisco Umbrella API, a remote authenticated attacker could leverage the vulnerability to read or modify data across multiple organizations.
“A vulnerability in the Cisco Umbrella API could allow an authenticated, remote attacker to view and modify data across their organization and other organizations.” reads the security advisory.
“The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella. An attacker could exploit this vulnerability to view and potentially modify data for their organization or other organizations. A successful exploit could allow the attacker to read or modify data across multiple organizations.”
The vulnerability has been addressed in the API, this means that no action is requested for the end-users.
The Umbrella solution is also affected by other high severity vulnerabilities, two flaws affect the Umbrella Enterprise Roaming client and attackers can exploit them by an authenticated attacker to elevate privileges to “Administrator.”
The second flaw addressed by Cisco is the CVE-2018-0423, a buffer overflow vulnerability that resides in the web-based management interface of several firewalls and routers belonging to the RV series. The flaw could be exploited by a remote and unauthenticated attacker to trigger a denial-of-service (DoS) condition or to execute arbitrary code.
“A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a denial of service condition or to execute arbitrary code.” reads the security advisory.
“The vulnerability is due to improper boundary restrictions on user-supplied input in the Guest user feature of the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to a targeted device, triggering a buffer overflow condition. A successful exploit could allow the attacker to cause the device to stop responding, resulting in a denial of service condition, or could allow the attacker to execute arbitrary code.”
The flaw could be exploited by an attacker by sending malicious requests to a targeted device, triggering a buffer overflow condition.
Cisco issued security updates for serious privilege escalation and information disclosure flaws in WebEx, a DoS flaw in Prime Access Registrar, two command injections in the Integrated Management Controller (IMC) software, and a privilege escalation in Data Center Network Manager.
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – Cisco critical flaws, security)
[adrotate banner=”5″]
[adrotate banner=”13″]
