Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cisco Patches High Severity Flaws in Several Products

Cisco announced on Wednesday the release of software updates that address high severity vulnerabilities in switches and products designed for security and system management.

Cisco announced on Wednesday the release of software updates that address high severity vulnerabilities in switches and products designed for security and system management.

One of the vulnerabilities is an access control issue affecting the Cisco Application Policy Infrastructure Controller (APIC), a management product that is part of Cisco Application Centric Infrastructure (ACI).

The security hole, tracked as CVE-2016-1302, is caused by a logic issue in the role-based access control (RBAC) processing code and it allows an authenticated attacker to make configuration changes that they normally are not allowed to do.

The flaw affects Cisco APIC running software versions prior to 1.0(3h) and 1.1(1j), and Cisco Nexus 9000 Series ACI Mode switches running software versions prior to 11.0(3h) and 11.1(1j).

Cisco also revealed that Nexus 9000 switches, which are also a component of ACI, are plagued by a denial-of-service (DoS) bug that can be triggered by a remote, unauthenticated attacker using a specially crafted ICMP packet. This vulnerability, tracked as CVE-2015-6398, impacts Cisco Nexus 9000 Series ACI Mode switches running software versions prior to 11.0(1c).

Cisco ASA-CX and Cisco Prime Security Manager (PRSM) products are also affected by a high severity flaw. The weakness, assigned the identifier CVE-2016-1301, allows a remote, authenticated attacker to change the password of any user, including administrators. The networking giant has pointed out that the flaw can be exploited by an attacker who does not have admin privileges using a specially crafted HTTP request.

Cisco ASA-CX Context-Aware Security and Cisco PRSM prior to 9.3.1.1(112) are impacted. It’s worth noting that Cisco has announced end-of-sale and end-of-life dates for these products.

These vulnerabilities have been found by Cisco and the company says there is no evidence that they have been exploited for malicious purposes.

In addition to these flaws, Cisco has released advisories to detail three medium severity issues for which software updates have yet to be released. The bugs are a SQL injection in Unified Communications Manager (UCM), and cross-site scripting (XSS) vulnerabilities in the Jabber Guest app and Unity Connection.

Related: Cisco Patches Serious Flaws in Networking, Security Products

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...