Cisco Network Assurance Engine CLI Access with Default Password Vulnerability

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server.

The vulnerability is due to a fault in the password management system of NAE. An attacker could exploit this vulnerability by authenticating with the default administrator password via the CLI of an affected server. A successful exploit could allow the attacker to view potentially sensitive information or bring the server down, causing a DoS condition.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

Security Impact Rating: High

CVE: CVE-2019-1688

Related:

  • No Related Posts

Trend Micro Survey Finds 80 Percent of U.S. Businesses Expect a Critical Breach in 2019

Dateline City:
DALLAS

New Cyber Risk Index aims to help CISOs identify and prioritize threats

DALLAS–(BUSINESS WIRE)–Trend
Micro Incorporated
(TYO:
4704
; TSE:
4704
), a global leader in cybersecurity solutions, today released
the results of its Cyber Risk Index (CRI), a survey of more than 1,000
IT security professionals in the United States. The survey found 80
percent of IT business leaders anticipate a critical breach or
successful cyberattack over the coming year.

Language:
English

Contact:

Erin Johnson
817-522-7911
media_relations@trendmicro.com

Ticker Slug:
Ticker:
4704

Exchange:
TOKYO

ISIN:
JP3637300009

Ticker:
TMICY

Exchange:
NQB

read more

Related:

  • No Related Posts

Cisco Aironet Active Sensor Static Credentials Vulnerability

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor.

The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds

Security Impact Rating: Medium

CVE: CVE-2019-1675

Related:

  • No Related Posts

Avamar 7.5: PuTTY releases older than v0.63 fail to connect with “Server unexpectedly closed network connection” due to new MAC entries in the SSH server configuration file

Article Number: 504576 Article Version: 6 Article Type: Break Fix



Avamar Server,Avamar Server 7.5.0-183

In cryptography, a message authentication code (MAC), sometimes known as a tag, is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed. The MAC value protects both a message’s data integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content.

The sshd_config for Avamar 7.5.x or greater version supports the following MACs:

grep MAC /etc/ssh/sshd_config

MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,umac-128-etm@openssh.com,umac-128@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-ripemd160PermitEmptyPasswords no
After a fresh install when attempting to login to the Avamar grid using the 3rd party application PuTTY, following error is seen:
ssh-error

/var/log/messages can show the following error when logged via a console such as lights out port (RMC for Gen4t, RMM for Gen4s, vSphere Console for AVEs etc):

Oct 30 12:27:19 testavamar sshd[6087]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server hmac-sha2-512-etm@openssh.com,hmac-sha2-512,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,umac-128-etm@openssh.com,umac-128@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-ripemd160

PuTTY releases less than version 0.63 doesn’t support these MACs

Recent install of a 7.5.x system

MAC entries were added to the sshd config file (/etc/ssh/sshd_config) on the Avamar Server

Download a PuTTY version that is greater than or equal to 0.63 and then ssh into the Avamar Server.

Note: As of September 28, 2017, the latest version of PuTTy is 0.70

Related:

  • No Related Posts