CWP for Storage CloudFormation Setup Issue

I need a solution

Hi there,

I’m facing an issue with CWP for Storage CloudFormation template. When I tried to deploy it, it’s endup with below error. Is there way to sort it out. 

CREATE_FAILED AWS::AutoScaling::AutoScalingGroup ControllerGroupPolicy Received 0 SUCCESS signal(s) out of 1. Unable to satisfy 100% MinSuccessfulInstancesPercent requirement

Thank you!

0

Related:

  • No Related Posts

Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.

The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass

Security Impact Rating: Medium

CVE: CVE-2019-1969

Related:

  • No Related Posts

Cisco NX-OS Software SNMP Access Control List Configuration Name Bypass Vulnerability

A vulnerability in the implementation of the Simple Network Management Protocol (SNMP) Access Control List (ACL) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to perform SNMP polling of an affected device, even if it is configured to deny SNMP traffic.

The vulnerability is due to an incorrect length check when the configured ACL name is the maximum length, which is 32 ASCII characters. An attacker could exploit this vulnerability by performing SNMP polling of an affected device. A successful exploit could allow the attacker to perform SNMP polling that should have been denied. The attacker has no control of the configuration of the SNMP ACL name.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-nxos-snmp-bypass

Security Impact Rating: Medium

CVE: CVE-2019-1969

Related:

  • No Related Posts

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1)-encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190828-fxnxos-snmp-dos

This advisory is part of the August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication, which includes five Cisco Security Advisories that describe five vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: August 2019 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.

Security Impact Rating: High

CVE: CVE-2019-1963

Related:

  • No Related Posts

Monitor for Load Balanced XML Servers Through NetScaler Fails with Error: “Ticket tag not found in response”

Users cannot log on multiple times a day and NetScaler XML monitor shows the following logs:

19483 0 PPE-0 MonServiceBinding_10.20.30.13:8080_(http_xml)(svcg_xml?storefront01.example.com?8080): DOWN; Last response: Failure - TicketTag not found in the response. Sun Oct 17 04:36:17 201519493 7 PPE-0 MonServiceBinding_10.20.30.13:8080_(http_xml)(svcg_xml?storefront01.example.com?8080): UP; Last response: Success - TicketTag found in the response. Sun Oct 17 04:36:47 201519494 0 PPE-0 'server_serviceGroup_NSSVC_HTTP_10.20.30.13:8080(svcg_xml?storefront01.example.com?8080)' UP Sun Oct 17 04:36:47 201519496 0 PPE-0 'server_serviceGroup_NSSVC_HTTP_10.20.32.13:8080(svcg_xml?storefront02.example.com?8080)' DOWN Sun Oct 17 04:38:56 201519497 35 PPE-0 MonServiceBinding_10.20.30.13:8080_(http_xml)(svcg_xml?storefront01.example.com?8080): DOWN; Last response: Failure - TCP connection successful, but application timed out Sun Oct 17 04:39:34 2015[…]19508 14 PPE-0 MonServiceBinding_10.20.30.13:8080_(http_xml)(svcg_xml?storefront01.example.com?8080): UP; Last response: Success - TicketTag found in the response. Sun Oct 17 04:41:33 201519509 0 PPE-0 'server_serviceGroup_NSSVC_HTTP_10.20.30.13:8080(svcg_xml?storefront01.example.com?8080)' UP Sun Oct 17 04:41:33 2015In NetScaler traces you can observe a reset getting sent with reset code 9701.

9700 – NSDBG_RST_PASS

This code indicates that the NetScaler appliance receives a TCP RST code from either the client or the server, and is transferring it. For example, the back end server sends a RST code, and the NetScaler appliance forwards it to the client with this code.

9701 – NSDBG_RST_NEST/NSDBG_RST_ACK_PASS

In NetScaler software release 9.1 and the later this code indicates that a RST code was forwarded as in the preceding RST code 9700, and the ACK flag was also set.

Related:

  • No Related Posts

Cisco SD-WAN Solution Packet Filtering Bypass Vulnerability

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters.

The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a target device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet in the network.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190807-sd-wan-bypass

Security Impact Rating: Medium

CVE: CVE-2019-1951

Related:

  • No Related Posts

WSS SyncAPI – Download to Windows –> Syslog

I need a solution

Hi All

We are currently using reporter to download the logs from WSS hourly, then have created a script to extract the files, for ingestion by nxlog, sending to our syslog server. I am aware that there is the SyncAPI option that allows more granular downloads. Does anyone know of a program similar to reporter, or have a powershell script / other script that we can use to perform this download.

Found an article for linux https://www.symantec.com/connect/forums/wss-syncapi-inquiry but ideally want windows 

0

Related:

  • No Related Posts

“show techsupport” fails to execute in admin partition with error ”Not authorized to execute this command“

The behavior is expected. NetScaler blocks all the noncli commands in partition for partition user under security consideration.

For show techsupport command, it’s done by executing the perl script below. Since partition user cannot run any noncli command under partition, it cannot run show techsupport either.

root@NS11# ls -l /netscaler/showtechsupport.pl

-r-xr-xr-x 1 root wheel 124927 Feb 27 18:11 /netscaler/showtechsupport.pl

Related:

  • No Related Posts