Cisco Webex Software Application Authorization Bypass Vulnerability

A vulnerability in the application integration feature of Cisco Webex Software could allow an unauthenticated, remote attacker to authorize an external application to integrate with and access a user’s account without that user’s express consent.

This vulnerability is due to improper validation of cross-site request forgery (CSRF) tokens. An attacker could exploit this vulnerability by convincing a targeted user who is currently authenticated to Cisco Webex Software to follow a link designed to pass malicious input to the Cisco Webex Software application authorization interface. A successful exploit could allow the attacker to cause Cisco Webex Software to authorize an application on the user’s behalf without the express consent of the user, possibly allowing external applications to read data from that user’s profile.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-2FmKd7T

Security Impact Rating: Medium

CVE: CVE-2021-34743

Related:

  • No Related Posts

Cisco Integrated Management Controller GUI Denial of Service Vulnerability

A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart.

The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imc-gui-dos-TZjrFyZh

Security Impact Rating: Medium

CVE: CVE-2021-34736

Related:

  • No Related Posts

Cisco Meeting Server Call Bridge Denial of Service Vulnerability

A vulnerability in an API of the Call Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

This vulnerability is due to improper handling of large series of message requests. An attacker could exploit this vulnerability by sending a series of messages to the vulnerable API. A successful exploit could allow the attacker to cause the affected device to reload, dropping all ongoing calls and resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-LAHe8z5v

Security Impact Rating: Medium

CVE: CVE-2021-40122

Related:

  • No Related Posts

Cisco Tetration Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Tetration could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected system.

This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need valid administrative credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sec-work-xss-t6SYtu8Q

Security Impact Rating: Medium

CVE: CVE-2021-34789

Related:

  • No Related Posts

Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

For more information about these vulnerabilities, see the Details section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss1-rgxYry2V

Security Impact Rating: Medium

CVE: CVE-2021-34738,CVE-2021-40121

Related:

  • No Related Posts

Cisco Identity Services Engine File Download Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted.

This vulnerability is due to incorrect permissions settings on an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the device. A successful exploit could allow the attacker to download files that should be restricted.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-download-B3BR5KQA

Security Impact Rating: Medium

CVE: CVE-2021-40123

Related:

  • No Related Posts

Apache HTTP Server Vulnerabilties: October 2021

On October 5, 2021 and October 7, 2021, the Apache Software Foundation released two security announcements for the Apache HTTP Server that disclosed the following vulnerabilities: 

  • CVE-2021-41524: Null Pointer Dereference Vulnerability
  • CVE-2021-41773: Path Traversal and Remote Code Execution Vulnerability
  • CVE-2021-42013: Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)

For descriptions of these vulnerabilities, see the Apache Security Announcement. For additional information, see the Cisco TALOS blog post, Threat Advisory: Apache HTTP Server zero-day vulnerability opens door for attackers.

Cisco investigated its product line and concluded that no Cisco products are affected by these vulnerabilities.  

Security Impact Rating: Informational

CVE: CVE-2021-41524,CVE-2021-41773,CVE-2021-42013

Related:

  • No Related Posts

Cisco Identity Services Engine XML External Entity Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery (SSRF) attack through an affected device.

This vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by uploading a crafted XML file that contains references to external entities. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information, or cause the web application to perform arbitrary HTTP requests on behalf of the attacker.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxe-inj-V4VSjEsX

Security Impact Rating: Medium

CVE: CVE-2021-34706

Related:

  • No Related Posts

Cisco Intersight Virtual Appliance Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device.

This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using the web-based management interface to execute a command using crafted input. A successful exploit could allow the attacker to execute arbitrary commands using root-level privileges on an affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsi2-command-inject-CGyC8y2R

Security Impact Rating: High

CVE: CVE-2021-34748

Related:

  • No Related Posts

Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition.

Note: Manual intervention may be required to recover from this situation.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-dos-fmHdKswk

Security Impact Rating: High

CVE: CVE-2021-34698

Related:

  • No Related Posts