Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cisco Patches Serious Flaws in Networking, Security Products

Cisco has released software updates to address several critical and high severity vulnerabilities identified in various networking and security products.

Cisco has released software updates to address several critical and high severity vulnerabilities identified in various networking and security products.

One of the critical flaws, with a CVSS score of 10, is an unauthorized access issue (CVE-2015-6314) affecting several Cisco standalone and modular controllers running Wireless LAN Controller (WLC) software versions 7.6.120.0 and later, 8.0 and later, and 8.1 and later.

According to Cisco, a remote, unauthenticated attacker could exploit this vulnerability to modify a device’s configuration, which could lead to the device being completely compromised.

Another critical unauthorized access vulnerability (CVE-2015-6323) has been found in the admin portal of devices running Cisco Identity Services Engine (ISE), a policy management platform designed for automating and enforcing security access to network resources.

A remote, unauthenticated attacker who can connect to the admin portal can exploit the weakness to gain access and take control of vulnerable devices. Devices running Cisco ISE 1.1 or later, 1.2.0 prior to patch 17, 1.2.1 prior to patch 8, 1.3 prior to patch 5, and 1.4 prior to patch 4 are affected.

Cisco revealed on Wednesday that ISE is also plagued by a medium severity unauthorized access flaw that allows a remote, authenticated attacker to gain access to web resources that should only be accessible to administrative users.

Advisories published by Cisco on Wednesday also detail a couple of high severity vulnerabilities affecting Aironet 1800 Series Access Point devices. One of the issues is related to the existence of static credentials (CVE-2015-6336) that can be leveraged by a remote, unauthenticated attacker to log in to vulnerable devices. Cisco has pointed out that the exposed account does not have full admin privileges by default.

The second high severity bug in Aironet 1800 devices can be exploited remotely by an unauthenticated attacker to cause a denial-of-service (DoS) condition on the device by sending it a specially crafted IP packet (CVE-2015-6320).

All of these flaws were uncovered during internal security and quality assurance testing. Cisco says it’s not aware of any instances in which these vulnerabilities have been exploited for malicious purposes.

Since there are no workarounds for any of the security holes, users are advised to install the available updates as soon as possible.

After news broke that unauthorized code had been found in Juniper Networks’ ScreenOS firewall operating system, Cisco announced its intention to review its own products for similar malicious changes. In the case of Juniper, the unauthorized code found by the company introduced a backdoor and a weakness that can be exploited to decrypt VPN traffic.

Reports about a backdoor in Fortinet’s FortiOS operating system emerged earlier this week, but the enterprise security vendor said the issue was an unintentional bug patched in mid-2014, not a malicious backdoor.

Related: Attackers Attempt to Exploit Juniper Backdoor

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...