Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability

<p>A vulnerability in the CLI parser of Cisco&nbsp;FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the <em>root</em> user.</p>
<p>This vulnerability is due to improper handling of undefined command parameters. An attacker could exploit this vulnerability by using a crafted command on the CLI or by submitting a crafted HTTPS request to the web-based management interface of the Cisco&nbsp;ASA that is hosting the ASA FirePOWER module.</p>
<p><strong>Note:</strong> To exploit this vulnerability, the attacker must have administrative access to the Cisco&nbsp;ASA. A user who has administrative access to a particular Cisco&nbsp;ASA is also expected to have administrative access to the ASA FirePOWER module that is hosted by that Cisco&nbsp;ASA.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG” target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asasfr-cmd-inject-PE4GfdG</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20828

Related:

  • No Related Posts

Cisco Adaptive Security Device Manager and Adaptive Security Appliance Software Client-side Arbitrary Code Execution Vulnerability

<p>A vulnerability in the packaging of Cisco&nbsp;Adaptive Security Device Manager (ASDM) images and the validation of those images by Cisco&nbsp;Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker with administrative privileges to upload an ASDM image that contains malicious code to a device that is running Cisco&nbsp;ASA Software.</p>
<p>This vulnerability is due to insufficient validation of the authenticity of an ASDM image during its installation on a device that is running Cisco&nbsp;ASA Software. An attacker could exploit this vulnerability by installing a crafted ASDM image on the device that is running Cisco&nbsp;ASA Software and then waiting for a targeted user to access that device using ASDM. A successful exploit could allow the attacker to execute arbitrary code on the machine of the targeted user with the privileges of that user on that machine.</p>
<p><strong>Notes:</strong></p>
<ul>
<li>To successfully exploit this vulnerability, the attacker must have administrative privileges on the device that is running Cisco&nbsp;ASA Software.</li>
<li>Potential targets are limited to users who manage the same device that is running Cisco&nbsp;ASA Software using ASDM.</li>
</ul>
<p>Cisco&nbsp;has released and will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-asdm-sig-NPKvwDjm</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20829

Related:

  • No Related Posts

Cisco Identity Services Engine Authentication Bypass Vulnerability

<p>A vulnerability in the login page of Cisco&nbsp;Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions.</p>
<p>This vulnerability is due to exposed sensitive Security Assertion Markup Language (SAML) metadata. An attacker could exploit this vulnerability by using the exposed SAML metadata to bypass authentication to the user portal. A successful exploit could allow the attacker to access all roles without any restrictions.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISE-SAML-nuukMPf9″ target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISE-SAML-nuukMPf9</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20733

Related:

  • No Related Posts

Cisco IP Phone Duplicate Key Vulnerability

<p>A vulnerability in Cisco&nbsp;Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user’s phone if the Cisco&nbsp;Unified Communications Manager (CUCM) is in secure mode.</p>
<p>This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user’s phone.</p>
<p>This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.&nbsp; &nbsp;</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cp6901-dup-cert-82jdJGe4″>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cp6901-dup-cert-82jdJGe4</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20817

Related:

  • No Related Posts

Cisco Email Security Appliance and Cisco Secure Email and Web Manager Information Disclosure Vulnerability

<p>A vulnerability in the web management interface of Cisco&nbsp;Secure Email and Web Manager, formerly Cisco&nbsp;Security Management Appliance (SMA), and Cisco&nbsp;Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device.</p>
<p>This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasma-info-dsc-Q9tLuOvM” target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esasma-info-dsc-Q9tLuOvM</a></p>

Security Impact Rating: High

CVE: CVE-2022-20664

Related:

  • No Related Posts

Cisco AppDynamics Controller Authorization Bypass Vulnerability

<p>A vulnerability in the web-based management interface of Cisco&nbsp;AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access.</p>
<p>This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console.</p>
<p>AppDynamics has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-contrl-athzn-bp-BLypgsbu”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appd-contrl-athzn-bp-BLypgsbu</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20736

Related:

  • No Related Posts

Cisco Email Security Appliance and Cisco Secure Email and Web Manager External Authentication Bypass Vulnerability

<p>A vulnerability in the external authentication functionality of Cisco&nbsp;Secure Email and Web Manager, formerly known as Cisco&nbsp;Security Management Appliance (SMA), and Cisco&nbsp;Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass authentication and log in to the web management interface of an affected device.</p>
<p>This vulnerability is due to improper authentication checks when an affected device uses Lightweight Directory Access Protocol (LDAP) for external authentication. An attacker could exploit this vulnerability by entering a specific input on the login page of the affected device. A successful exploit could allow the attacker to gain unauthorized access to the web-based management interface of the affected device.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-esa-auth-bypass-66kEcxQD” target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-esa-auth-bypass-66kEcxQD</a></p>

Security Impact Rating: Critical

CVE: CVE-2022-20798

Related:

  • No Related Posts

Cisco IOS XR Software Health Check Open Port Vulnerability

<p>A vulnerability in the health check RPM of Cisco&nbsp;IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container.</p>
<p>This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco&nbsp;IOS XR Software host system.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK” target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-redis-ABJyE5xK</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20821

Related:

  • No Related Posts

Cisco Secure Network Analytics Remote Code Execution Vulnerability

<p>A vulnerability in the web-based management interface of Cisco&nbsp;Secure Network Analytics, formerly Cisco&nbsp;Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system.</p>
<p>This vulnerability is due to insufficient user input validation by the web-based management interface of the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands in the web-based management interface. A successful exploit could allow the attacker to make configuration changes on the affected device or cause certain services to restart unexpectedly.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK” target=”_blank”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-stealth-rce-2hYb9KFK</a></p>
<p><strong>Attention</strong>: Simplifying the Cisco&nbsp;portfolio includes the renaming of security products under one brand: Cisco&nbsp;Secure. For more information, see&nbsp;<a href=”https://www.cisco.com/c/en/us/products/security/secure-names.html”>Meet Cisco&nbsp;Secure</a>.</p>

Security Impact Rating: Medium

CVE: CVE-2022-20797

Related:

  • No Related Posts

Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities

<p>Multiple vulnerabilities in the web-based management interface of Cisco&nbsp;Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.</p>
<p>These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.&nbsp;</p>
<p>Cisco&nbsp;has released software updates to address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href=”https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb”>https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cspc-multi-xss-tyDFjhwb</a></p>

Security Impact Rating: Medium

CVE: CVE-2022-20666,CVE-2022-20667,CVE-2022-20668,CVE-2022-20669,CVE-2022-20670,CVE-2022-20671,CVE-2022-20672,CVE-2022-20673,CVE-2022-20674

Related:

  • No Related Posts