Sikkerhetsoppdateringer fra Cisco

Publisert: 30.07.2018

Cisco har sluppet sikkerhetsoppdateringer for flere av sine produkter.

Kritiske varsler:

Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability

Cisco Policy Suite < 18.2.0

En sårbarhet i Policy Builder-grensesnittet i Cisco Policy Suite kan gi en uautentisert angriper tilgang til Policy Builder på grunn av manglende autentisering. Ved suksessfull utnyttelse kan angriperen endre på det som ligger her.

Cisco har ikke vist noen måte å konfigurere seg rundt dette.

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access

Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability

Cisco Policy Suite < 18.1.0

En sårbarhet i Open Systems Gateway initiative (OSGi) grensesnittet i Cisco Policy Suite kan gi en uautentisert angriper tilgang til OSGi-grensesnittet gjennom manglende autentisering. Ved suksessfull
utnyttelse kan angriper se eller endre hvilken som helst fil som er tilgjengelig gjennom OSGi-prosessen.

Cisco har ikke vist noen måte å konfigurere seg rundt dette.

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access

Cisco Policy Suite Policy Builder Database Unauthenticated Access

Vulnerability Cisco Policy Suite < 18.2.0

En sårbarhet i Policy Builder-databasen som kan la en uautentisert angriper å koble seg rett til databasen, for deretter å ha fri tilgang til å se eller endre data i databasen.

Cisco har ikke vist noen måte å konfigurere seg rundt dette.

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access

Cisco Policy Suite Cluster Manager Default Password Vulnerability Cisco

Policy Suite < 18.2.0

En sårbarhet i Cluster Manager som lar en uautentisert angriper logge inn på systemet som root ved at det eksisterer statiske udokumenterte kredentialer for root-brukeren. Ved suksessfull utnyttelse av denne sårbarheten vil en angriper ha mulighet til å kjøre vilkårlige kommandoer som root på disse systemene.

Cisco har ikke vist til noen måte å konfigurere seg rundt dette.

Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd

Berørte produkter:

  • Cisco Nexus 9000 Series Fabric Switches Application-Centric

Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability

  • Cisco Policy Suite Cluster Manager Default Password Vulnerability
  • Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
  • Cisco Policy Suite Policy Builder Database Unauthenticated Access

Vulnerability

  • Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability
  • Cisco SD-WAN Solution CLI Command Injection Vulnerability
  • Cisco SD-WAN Solution Command Injection Vulnerability
  • Cisco SD-WAN Solution Command Injection Vulnerability
  • Cisco SD-WAN Solution Configuration and Management Database Remote Code

Execution Vulnerability

  • Multiple Vulnerabilities in Cisco Finesse
  • Cisco SD-WAN Solution Remote Code Execution Vulnerability
  • Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability
  • Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code

Execution Vulnerability

  • Cisco SD-WAN Solution Zero Touch Provisioning Command Injection

Vulnerability

  • Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service

Vulnerability

  • Cisco Unified Communications Manager IM And Presence Service Cross-Site

Scripting Vulnerability

  • Cisco Webex DOM-Based Cross-Site Scripting Vulnerability
  • Cisco Webex Network Recording Players Denial of Service Vulnerabilities
  • Cisco Webex Network Recording Players Remote Code Execution

Vulnerabilities

  • Cisco Webex Teams Remote Code Execution Vulnerability
  • Multiple Vulnerabilities in Cisco Unified Contact Center Express
  • Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability
  • Cisco Cloud Services Platform 2100 Web Upload Function Code Injection

Vulnerability

  • Cisco Policy Suite Read-Only User Effect Change Vulnerability
  • Cisco Policy Suite World-Readable Sensitive Data Vulnerability
  • Cisco SD-WAN Solution Local Buffer Overflow Vulnerability

CVE referanser

CVE-2018-0342, CVE-2018-0343, CVE-2018-0344, CVE-2018-0345,
CVE-2018-0346, CVE-2018-0347, CVE-2018-0348, CVE-2018-0349, CVE-2018-0350,
CVE-2018-0351, CVE-2018-0372, CVE-2018-0374, CVE-2018-0375, CVE-2018-0376,
CVE-2018-0377, CVE-2018-0379, CVE-2018-0380, CVE-2018-0387, CVE-2018-0390,
CVE-2018-0392, CVE-2018-0393, CVE-2018-0394, CVE-2018-0396, CVE-2018-0398,
CVE-2018-0399, CVE-2018-0400, CVE-2018-0401, CVE-2018-0402, CVE-2018-0403

Vi anbefaler å oppdatere berørte systemer snarest.

Referanser: