Cisco - Security Advisories and Alerts

  • Published: Thu, 04/10/2018 - 13:59

 

Critical:

CVE-2018-15379 | Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability

Affected systems:

  • Cisco PI Software Releases 3.2 through 3.4 prior to the first fixed release are vulnerable if the TFTP server is enabled, which is the default setting.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a denial of service or execute code.

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15386 | Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability

Affected systems:

  • This vulnerability affects Cisco DNA Center Release 1.1.

 

Vulnerability description:

  • A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-0448 | Cisco Digital Network Architecture Center Authentication Bypass Vulnerability

Affected systems:

  • This vulnerability affects all releases of Cisco DNA Center Software prior to Release 1.1.4.

 

Vulnerability description:

  • A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and take complete control of identity management functions.

 

Recommendation:

  • We recommend checking the following link.

References:

          

 

High:

CVE-2018-15408 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

Affected systems:

  • These vulnerabilities affect the following versions of the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows, which are available from Cisco Webex Business Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server:
    • Cisco Webex Business Suite WBS31 sites – All Webex Network Recording Player and Webex Player versions prior to Version WBS31.23
    • Cisco Webex Business Suite WBS32 sites – All Webex Network Recording Player and Webex Player versions prior to Version WBS32.15.20
    • Cisco Webex Business Suite WBS33 sites – All Webex Network Recording Player and Webex Player versions prior to Version WBS33.4
    • Cisco Webex Meetings Online – All Webex Network Recording Player and Webex Player versions prior to Version 1.3.37
    • Cisco Webex Meetings Server – All Webex Network Recording Player versions prior to Version 3.0MR2 Patch 1

 

Vulnerability description:

  • Multiple vulnerabilities in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15387 | Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability

Affected systems:

  • This vulnerability affects Cisco SD-WAN Solution releases prior to Releases 17.2.8 and 18.3.1 running on the following Cisco products:
    • vBond Orchestrator Software
    • vEdge 100 Series Routers
    • vEdge 1000 Series Routers
    • vEdge 2000 Series Routers
    • vEdge 5000 Series Routers
    • vEdge Cloud Router Platform
    • vManage Network Management Software
    • vSmart Controller Software

Vulnerability description:

  • A vulnerability in the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass certificate validation on an affected device.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15382 | Cisco HyperFlex Software Static Signing Key Vulnerability

Affected systems:

  • This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(1a).

 

Vulnerability description:

  • A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens.

 

Recommendation:

  • We recommend checking the following link.

References:

  

CVE-2018-15390 | Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Firepower Threat Defense (FTD) Software Releases 6.2.3.x prior to Release 6.2.3.4, if FTP inspection is enabled, an access control rule with an associated FTP file policy is also enabled, and the software is running on any of the following Cisco products:
    • 3000 Series Industrial Security Appliances (ISAs)
    • ASA 5500-X Series Next-Generation Firewalls
    • Firepower 2100 Series Security Appliances
    • Firepower 4100 Series Security Appliances
    • Firepower 9300 ASA Security Module
    • Firepower Threat Defense Virtual (FTDv)

 

Vulnerability description:

  • A vulnerability in the FTP inspection engine of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-0455 | Cisco Firepower System Software Detection Engine Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Firepower System Software running on any of the following Cisco products:
    • Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services
    • Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls
    • Advanced Malware Protection (AMP) for Networks, 7000 Series Appliances
    • Advanced Malware Protection (AMP) for Networks, 8000 Series Appliances
    • Firepower 2100 Series Security Appliances
    • Firepower 4100 Series Security Appliances
    • FirePOWER 7000 Series Appliances
    • FirePOWER 8000 Series Appliances
    • Firepower 9300 Series Security Appliances
    • FirePOWER Threat Defense for Integrated Services Routers (ISRs)
    • Firepower Threat Defense Virtual
    • Industrial Ethernet 3000 Series Switches
    • Next-Generation Intrusion Prevention System (NGIPSv)
    • Virtual Next-Generation Intrusion Prevention System (NGIPSv)

 

Vulnerability description:

  • A vulnerability in the Server Message Block Version 2 (SMBv2) and Version 3 (SMBv3) protocol implementation for the Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the device to run low on system memory, possibly preventing the device from forwarding traffic.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-0426 | Cisco RV110W, RV130W, and RV215W Routers Management Interface Directory Traversal Vulnerability

Affected systems:

  • This vulnerability affects all versions of the following Cisco products:
    • RV110W Wireless-N VPN Firewall
    • RV130W Wireless-N Multifunction VPN Router
    • RV215W Wireless-N VPN Router

 

Vulnerability description:

  • A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain access to private information.

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15389 | Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability

Affected systems:

  • This vulnerability affects Cisco Prime Collaboration Provisioning prior to Release 12.1.

 

Vulnerability description:

  • A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15383 | Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects the following Cisco products if they are running a vulnerable release of Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software:
    • ASA 5506-X with FirePOWER Services
    • ASA 5506H-X with FirePOWER Services
    • ASA 5506W-X with FirePOWER Services
    • ASA 5508-X with FirePOWER Services
    • ASA 5516-X with FirePOWER Services

 

Vulnerability description:

  • A vulnerability in the cryptographic hardware accelerator driver of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a temporary denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

 

Medium:

CVE-2018-15403 | Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Affected systems:

  • This vulnerability affects the following Cisco products:
    • Emergency Responder
    • Unified Communications Manager
    • Unified Communications Manager IM & Presence Service (formerly CUPS)
    • Unity Connection

 

 

Vulnerability description:

  • A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15400 | Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco Cloud Services Platform 2100. For information about affected software releases, consult the Cisco bug ID(s) at the top of this advisory.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15399 | Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software.

 

Vulnerability description:

  • A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15397 | Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability

Affected systems:

  • At the time of publication, this vulnerability affected the following Cisco products:
    • Adaptive Security Appliance (ASA) Software Releases 9.6.4, 9.8.2, and 9.9.1, prior to the first fixed release
    • Firepower Threat Defense (FTD) Software Release 6.2.2

 

Vulnerability description:

  • A vulnerability in the implementation of Traffic Flow Confidentiality (TFC) over IPsec functionality in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition.

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15398 | Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability

Affected systems:

  • This vulnerability affects Cisco products that are running a vulnerable release of Cisco Adaptive Security Appliance (ASA) Software or Cisco Firepower Threat Defense (FTD) Software and meet all the following conditions:
    • At least one interface ACL has the per-user-override feature (per-user-override) enabled.
    • At least one remote access VPN connection profile or site-to-site VPN connection profile (tunnel-group) is configured and associated with a group policy (group-policy) that specifies a filter ACL (vpn-filter).
    • A VPN tunnel that is associated with an affected connection profile (tunnel-group) is currently up.

 

Vulnerability description:

  • A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control list (ACL) that is configured for an interface of an affected device.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-0465 | Cisco Small Business 300 Series Managed Switches Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco Small Business 300 Series Managed Switches. For information about affected software releases, consult the Cisco bug ID(s) at the top of this advisory.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Small Business 300 Series Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected system.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15391 | Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Remote PHY Software.

 

Vulnerability description:

  • A vulnerability in certain IPv4 fragment-processing functions of Cisco Remote PHY Software could allow an unauthenticated, remote attacker to impact traffic passing through a device, potentially causing a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15436 | Cisco Webex Centers Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center, which are cloud based.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Webex Events Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected service.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15396 | Cisco Unity Connection File Upload Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Unity Connection.

 

Vulnerability description:

  • A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15434 | Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco Unified IP Phone 7900 Series.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Unified IP Phone 7900 Series could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

 

Recommendation:

  • We recommend checking the following link.

References:

 

 

CVE-2018-15406 | Cisco UCS Director Stored Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco UCS Director.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system.

 

Recommendation:

  • We recommend checking the following link.

References:

 

 

CVE-2018-15426 | Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

Affected systems:

  • This vulnerability affects Cisco Unity Connection.

 

Vulnerability description:

  • A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based interface of the affected software.

 

Recommendation:

  • We recommend checking the following link.

References:

 

 

CVE-2018-15432 & CVE-2018-15433 | Cisco Prime Infrastructure Information Disclosure Vulnerability

Affected systems:

  • This vulnerability affects Cisco Prime Infrastructure.

 

Vulnerability description:

  • A vulnerability in the server backup function of Cisco Prime Infrastructure could allow an authenticated, remote attacker to view sensitive information.

 

Recommendation:

  • We recommend checking the following link.

References:

 

 

CVE-2018-15424 | Multiple Vulnerabilities in Cisco Identity Services Engine

Affected systems:

  • These vulnerabilities affect Cisco Identity Services Engine (ISE).

 

Vulnerability description:

  • Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server.

 

Recommendation:

  • We recommend checking the following link.

References:

        

CVE-2018-15428 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco IOS XR Software.

 

Vulnerability description:

  • A vulnerability in the implementation of Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

 

CVE-2018-15392 | Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability

Affected systems:

  • At the time of publication, this vulnerability affected Cisco Industrial Network Director releases prior to Release 1.5.0.

 

Vulnerability description:

  • A vulnerability in the DHCP service of Cisco Industrial Network Director could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

 

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-0446 | Cisco Industrial Network Director Cross-Site Request Forgery Vulnerability

Affected systems:

  • This vulnerability affects Cisco Industrial Network Director.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

 

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-15405 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web Interface Information Disclosure Vulnerability

Affected systems:

  • This vulnerability affects Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director.

 

Vulnerability description:

  • A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to access sensitive information.

 

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-15404 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources Denial of Service Vulnerability

Affected systems:

  • This vulnerability affects Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director.

 

Vulnerability description:

  • A vulnerability in the web interface of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected system.

Recommendation:

  • We recommend checking the following link.

References:

         

 

CVE-2018-15429 | Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability

Affected systems:

  • This vulnerability affects Cisco HyperFlex HX Data Platform Software.

 

Vulnerability description:

  • A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system.

 

Recommendation:

  • We recommend checking the following link.

References:

       

CVE-2018-15407 | Cisco HyperFlex World-Readable Sensitive Information Vulnerability

Affected systems:

  • Cisco Webex Player from Cisco Webex Meetings Suite sites.

 

Vulnerability description:

  • A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information.

 

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-15423 | Cisco HyperFlex UI Clickjacking Vulnerability

Affected systems:

  • This vulnerability affects Cisco HyperFlex Software.

 

Vulnerability description:

  • A vulnerability in the web UI of Cisco HyperFlex Software could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack.

 

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-15401 | Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability

Affected systems:

  • Cisco Webex Player from Cisco Webex Meetings Suite sites.

 

Vulnerability description:

  • A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system.

Recommendation:

  • We recommend checking the following link.

References:

         

CVE-2018-0453 | Cisco Firepower Management Center and Firepower System Software Sourcefire Tunnel Control Channel Command Execution Vulnerability

Affected systems:

  • This vulnerability affects the following Cisco products, if they are running a vulnerable release of Cisco Firepower System Software:
    • Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services
    • Adaptive Security Appliance (ASA) 5500-X Series Next-Generation Firewalls
    • FirePOWER 7000 Series Appliances
    • FirePOWER 8000 Series Appliances
    • Firepower 2100 Series Security Appliances
    • Firepower 4100 Series Security Appliances
    • Firepower 9300 Series Security Appliances
    • Firepower Management Center
    • Firepower Threat Defense
    • Firepower Threat Defense Virtual (FTDv)
    • Virtual Next-Generation Intrusion Prevention System (NGIPSv)

 

Vulnerability description:

  • A vulnerability in the Sourcefire tunnel control channel protocol in Cisco Firepower System Software running on Cisco Firepower Threat Defense (FTD) sensors could allow an authenticated, local attacker to execute specific CLI commands with root privileges on the Cisco Firepower Management Center (FMC), or through Cisco FMC on other Firepower sensors and devices that are controlled by the same Cisco FMC. To send the commands, the attacker must have root privileges for at least one affected sensor or the Cisco FMC.

 

Recommendation:

  • We recommend checking the following link.

References:

       

CVE-2018-15430 | Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability

Affected systems:

  • This vulnerability affects Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software.

 

Vulnerability description:

  • A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system.

 

Recommendation:

  • We recommend checking the following link.

References:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-express-vcs-rce