Cisco Webex Meetings Client for MacOS Information Disclosure Vulnerability

A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running.

The vulnerability exists because sensitive information is included in the mDNS reply. An attacker could exploit this vulnerability by doing an mDNS query for a particular service against an affected device. A successful exploit could allow the attacker to gain access to sensitive information.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-info-disc-OHqg982

Security Impact Rating: Medium

CVE: CVE-2020-3182

Related:

  • No Related Posts

Cloud users have Workspace web access issue in some ISP networks with Error “Cannot find this website” or “INET_E_RESOURCE_NOT_FOUND”

Please use DNS over Https function in Firefox as a workaround.

1.In firefox, open settings and select options.

2.In the general panel, click “settings” button next to the “Network Settings” section.

3.Check the setting “Enable DNS over HTTPS”

For more information of enable “DNS over HTTPS” in Firefox, please refer to Firefox KB

https://support.mozilla.org/en-US/kb/firefox-dns-over-https

For other browsers, please search corresponding “DNS over HTTPS” settings of the browser.

If you applied above workaround but still encounter issues (e.g. no response after clicking the applications or desktops in the workspace page), you may try to use some 3rd party solutions of system level DNS over HTTPS. Please refer to https://developers.cloudflare.com/1.1.1.1/dns-over-https/ for Cloudflare DoH solution.

Related:

  • No Related Posts

Firewall rules “host” logic

I need a solution

Hello.

I’ve already found https://support.symantec.com/us/en/article.howto80715.html , but still have small question left.

I want to create firewall rule, which will allow specific traffic only if (local IP) and (local MAC) will match specific values.

Following mentioned article, “The hosts that you define on either side of the connection (between the source and the destination)” use OR condition, and “Selected hosts” use AND condition.

That’s fine to understand if we are talking about matching only IP-addresses, for example (we take any IP from “Local” block, any IP from “Remote” block, and connect them with AND statement).

But, in my case, both my conditions (local IP and local MAC) are on the same side – does it mean, that only “OR” is possible? Any way I can connect both this rules with “AND”?

0

Related:

  • No Related Posts

SMG doesn’t use higher preference MX routes?

I do not need a solution (just sharing information)

We have a compliance rule which routes matching messages to a domain name using MX records that we have defined in our DNS.  There are two MXes with preference 10 and one MX with preference 100.

During our most recent DR test, when both MX 10s were unavailable, the matching emails were just queueing up, Not willing to go to the MX 100 route.  I even started a TCPDUMP session which detected zero attempts to connect to the MX 100 target host.

Lowered the MX to 50.   Nothing.

Lowered the MX to 10, to match the other two – bingo, the emails flowed out to that target host.

So what’s going on there?  Is SMG’s routing logic broken?

0

Related:

  • No Related Posts

Since 8.5 RU2 FQDN appearing in Unattend.xml

I need a solution

Hi all,

We’ve recently updated to 8.5 RU2 (from 8.5) and also updated the Windows ADK to the 1809 flavour. Since then, we’ve found that the token replacement on the Unattend.xml file is putting the FQDN into the file instead of just the COMPUTERNAME. This is causing our domain joins to fail. Anyone else seen this or able to suggest why it’s started happening? This was all fine on 8.5 and an earlier ADK.

Thanks

Martin

0

Related:

  • No Related Posts

getting this error 554 5.7.1 even after applying the workaround?!

I need a solution

i set up SMG which was working for some time untill one day the customer cant send any emails through the smg and is getting this error 554 5.7.1

i tried to uncheck the box for the “Reject connections where the domain provided at HELO and EHLO has neither an ‘A’, nor an ‘AAAA’, nor an ‘MX’ record in DNS.” but still having this issue

i dont even understand this error? it says “The best solution is to have the owner of the IP addresses’ DNS records add a PTR record to resolve that IP to a fully qualified domain name (FQDN).”

what do they mean? do they mean the customer sending exchange server doesnt have an A record and a PTR record? or does it mean the smg doesnt have an A and PTR record???

0

Related:

  • No Related Posts

Proxy – Errored Connections

I need a solution

Hi All

By default How long Proxy will keep the errored connections? Has there any timeout to clear connection or it has to be done manually ??

Somehow Clients generating the traffic to the unresolved domain. I created the deny policy to block but still, I could see the connections in the errored proxy connections. My question is if the URL denied by the policy why the proxy does the DNS lookup and keep the errored connections.

Thanks in Advance.

0

Related:

  • No Related Posts

DNS Response Flags and UDP Payload Size being Modified by ADC in DNS Proxy Mode

RA FLAG Alteration:

Cause: The difference in “flags” value is due to the RA (Recursion Available) Flag. The response from Server to NS has this Flag but while forwarding the response NS removes this flag, this is the default behavior of NS when deployed in DNS proxy mode i.e. as a DNS LB.

Solution: If Load Balancing DNS Servers which are RA capable and you want to advertise the RA flag to clients then set the “Recursion Available” option on the DNS LB to YES


UDP Payload Size Header Alteration

Cause: UDP payload size value is a way to indicate to requestor / responder the maximum supported payload size in a single DNS Request / Response. On older builds, max supported DNS packet size on NetScaler in DNS proxy mode is limited to 1280, so NS changes this value on both directions.

Solution: Jumbo Frame support for DNS is added in 12.1.49.xx, new option added in DNS Parameters to increase it to 4096

https://docs.citrix.com/en-us/citrix-adc/12-1/dns/jumbo-frames-support-for-dns-to-handle-responses-of-large-sizes.html

Related:

  • No Related Posts