Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cisco Patches Critical Vulnerabilities in Prime Infrastructure (PI) Software

Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.

A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823, featuring a CVSS score of 9.8.

Cisco has released patches for numerous vulnerabilities affecting its products, including Critical flaws in the Cisco Prime Infrastructure (PI) Software that could allow remote code execution.

A total of three vulnerabilities were identified in the PI software, namely CVE-2019-1821, CVE-2019-1822, and CVE-2019-1823, featuring a CVSS score of 9.8.

The bugs impact the web-based management interface of Cisco PI and Cisco Evolved Programmable Network (EPN) Manager and could allow a remote attacker to execute arbitrary code with elevated privileges.

CVE-2019-1821, Cisco explains in an advisory, can be exploited by an unauthenticated attacker with network access to the affected administrative interface.

CVE-2019-1822 and CVE-2019-1823, on the other hand, require that the attacker has valid credentials to authenticate to the impacted administrative interface.

“These vulnerabilities exist because the software improperly validates user-supplied input. An attacker could exploit these vulnerabilities by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges,” Cisco says. 

The vulnerabilities were found in PI Software Releases prior to 3.4.1, 3.5, and 3.6, and EPN Manager Releases prior to 3.0.1. Cisco has already released software updates to address these issues. 

The company says it is not aware of public announcements or malicious use of these vulnerabilities.

Additionally, Cisco released patches for 10 High severity security issues in ASR 9000 Series routers, Webex Network Recording Player for Windows, Small Business Sx200, Sx300, Sx500, ESW2 Series and Sx250, Sx350, Sx550 Series switches, PI and EPN Manager, FXOS and NX-OS Software, IOS XR Software, Video Surveillance Manager, and Nexus 9000 Series switches.

Exploitation of these flaws could lead to denial of service, arbitrary code execution, execution of arbitrary SQL queries, information disclosure, or elevation of privileges to root user. 

In addition to these, Cisco released patches for over 40 Medium risk vulnerabilities, most of which were found in NX-OS software. These include command injection bugs, secure configuration bypass, buffer overflow, SSH Key information disclosure, patch traversal, and policy bypass.

The company also updated the list of products impacted by a recently disclosed vulnerability impacting its Secure Boot implementation. Tracked as CVE-2019-1649, this High severity flaw could be exploited to permanently write a modified firmware image to the hardware component of the Secure Boot. 

Related: Cisco Patches Critical Vulnerability in Data Center Switches

Related: Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software

Related: Default Account in Cisco CSPC Allows Unauthorized Access

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).