Cisco issued some 40 security advisories today but only one of them was deemed "critical" – a vulnerability in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode data-center switch that could let an attacker secretly access system resources.


The exposure, which was given a Common Vulnerability Scoring System importance of 9.8 out of 10, is described as a problem with secure shell (SSH) key-management for the Cisco Nexus 9000 that lets a remote attacker connect to the affected system with the privileges of a root user, Cisco said.


"The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable," Cisco wrote.


This vulnerability affects Nexus 9000s if they are running a Cisco NX-OS software release prior to 14.1, and the company said there were no workarounds to address the problem.


However, Cisco has released free software updates that address the vulnerability.


The company also issued a "high" security advisory for the Nexus 9000 that involves an exploit that would let attackers execute arbitrary operating-system commands as root on an affected device. To succeed, an attacker would need valid administrator credentials for the device, Cisco said.


The vulnerability is due to overly broad system-file permissions, Cisco wrote. An attacker could exploit this vulnerability by authenticating to an affected device, creating a crafted command string and writing this crafted string to a specific file location.


Cisco has released software updates that address this vulnerability.


Two other vulnerabilities rated "high" also involved the Nexus 9000:


A weakness in the background-operations functionality of Cisco Nexus 9000 software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. The vulnerability is due to insufficient validation of user-supplied files on an affected device. Cisco said an attacker could exploit this vulnerability by logging in to the CLI of the affected device and creating a crafted file in a specific directory on the filesystem.

A weakness in the background-operations functionality of the WS-C2960XR-48LPS-I switch software could allow an attacker to log in to the CLI of the affected device and create a crafted file in a specific directory on the filesystem. The vulnerability is due to insufficient validation of user-supplied files on an affected device, Cisco said.

Cisco has released software updates for these vulnerabilities as well.


Also part of these security alerts were a number of "high"-rated warnings about vulnerabilities in Cisco's Firepower firewall series.


For example, Cisco wrote that multiple vulnerabilities in the Server Message Block Protocol preprocessor detection engine for Cisco Firepower Threat Defense Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition.


Yet another vulnerability in the internal packet-processing functionality of Cisco Firepower software for the Cisco Firepower 2100 Series could let an unauthenticated, remote attacker cause an affected device to stop processing traffic, resulting in a DoS situation, Cisco said.

