Cisco Issues Security Patch
September 17th, 2018
Cisco Issues Security Patch Updates for 32 Flaws in its Products
Cisco today released thirty security patch advisories to address a total of 32 security vulnerabilities in its products, three of which are rated critical, including the recently disclosed Apache Struts remote code execution vulnerability that is being exploited in the wild.
Of the remaining 29 vulnerabilities, fourteen are rated high and 15 medium in severity, addressing security flaws in Cisco Routers, Cisco Webex, Cisco Umbrella, Cisco SD-WAN Solution, Cisco Cloud Services Platform, Cisco Data Center Network, and more products.
The three critical security vulnerabilities patched by Cisco address issues in Apache Struts, the Cisco Umbrella API, and the management interface of the Cisco RV110W, RV130W and RV215W routers.
Apache Struts Remote Code Execution Vulnerability (CVE-2018-11776)
The vulnerability, reported late last month by Semmle security researcher Man Yue Mo, resides in the core of the Apache Struts framework and stems from insufficient validation of untrusted, user-provided input under certain configurations.
“The vulnerability exists because the affected software insufficiently validates user-supplied input, allowing the use of results with no namespace value and the use of url tags with no value or action,” Cisco explains in its advisory.
“In cases where upper actions or configurations also have no namespace or a wildcard namespace, an attacker could exploit this vulnerability by sending a request that submits malicious input to the affected application for processing.”
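The configuration condition Cisco describes can be checked in an application's own struts.xml. The following is an added example, not code from Cisco, Apache or the original article: it flags results that carry no namespace parameter inside packages whose namespace is missing or a wildcard. The list of result types that accept a namespace parameter and the sample XML are assumptions that are not on this page, and url tags in templates are not covered.

```python
import xml.etree.ElementTree as ET

# Result types that accept a "namespace" param (assumption taken from the
# Struts documentation, not listed in the article).
NAMESPACE_RESULTS = {"redirectAction", "chain", "postback"}

# Constructed sample struts.xml, not taken from any real application.
SAMPLE = """<struts>
  <package name="open" extends="struts-default">
    <action name="save" class="demo.SaveAction">
      <result type="redirectAction">
        <param name="actionName">list</param>
      </result>
    </action>
  </package>
  <package name="admin" extends="struts-default" namespace="/admin">
    <action name="save" class="demo.SaveAction">
      <result type="redirectAction">
        <param name="actionName">list</param>
        <param name="namespace">/admin</param>
      </result>
    </action>
  </package>
</struts>"""

def loose_namespace(ns):
    """True when the package namespace is missing, empty or a wildcard."""
    return ns is None or ns.strip() == "" or "*" in ns

def audit(xml_text):
    """Return (package, action, result type) for each result to review."""
    findings = []
    for pkg in ET.fromstring(xml_text).iter("package"):
        if not loose_namespace(pkg.get("namespace")):
            continue
        for action in pkg.iter("action"):
            for result in action.iter("result"):
                rtype = result.get("type", "dispatcher")
                has_ns = any(p.get("name") == "namespace" and (p.text or "").strip()
                             for p in result.iter("param"))
                if rtype in NAMESPACE_RESULTS and not has_ns:
                    findings.append((pkg.get("name"), action.get("name"), rtype))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("review:", finding)
```

A clean result from this audit does not replace the upgrade, since the article states there are no workarounds.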
An unauthenticated, remote attacker can trigger the vulnerability by tricking victims into visiting a specially crafted URL on the affected web server, allowing the attacker to execute malicious code and eventually take complete control over the targeted server running the vulnerable application.
All applications that use Apache Struts—supported versions (Struts 2.3 to Struts 2.3.34, and Struts 2.5 to Struts 2.5.16) and even some unsupported Apache Struts versions—are potentially vulnerable to this flaw, even when no additional plugins have been enabled.
Apache Struts patched the vulnerability with the release of Struts versions 2.3.35 and 2.5.17 last month. Now, Cisco has also released fixes to address the issue in several of its products. The list of vulnerable Cisco products is given in Cisco's advisory.
Since there are no workarounds for this issue, organizations and developers are strongly advised to update their Struts components as soon as possible.
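To find the Struts components that need updating, the version ranges above can be applied to the jar files bundled in deployed applications. The following is an added example, not part of the original article or any vendor tooling: it classifies struts2-core jars found inside a WAR archive against the affected and fixed versions stated above. The struts2-core-<version>.jar naming and the in-memory sample archive are assumptions.

```python
import io
import re
import zipfile

# Last affected patch level per supported branch, as stated in the article
# (2.3 to 2.3.34 and 2.5 to 2.5.16; fixed in 2.3.35 and 2.5.17).
AFFECTED = {(2, 3): 34, (2, 5): 16}
JAR_RE = re.compile(r"struts2-core-(\d+)\.(\d+)(?:\.(\d+))?(?:\.\d+)*\.jar$")

def classify(jar_name):
    """Return 'affected', 'fixed', 'unsupported', 'not-covered' or None."""
    m = JAR_RE.search(jar_name)
    if not m:
        return None                      # not a Struts core jar
    major, minor, patch = (int(g or 0) for g in m.groups())
    if (major, minor) in AFFECTED:
        return "affected" if patch <= AFFECTED[(major, minor)] else "fixed"
    if (major, minor) < (2, 3):
        return "unsupported"             # article: some of these are vulnerable too
    return "not-covered"                 # branch the article does not mention

def scan_war(war):
    """List (entry, status) for every Struts core jar inside a WAR/ZIP."""
    with zipfile.ZipFile(war) as zf:
        hits = [(name, classify(name)) for name in zf.namelist()]
    return [(name, status) for name, status in hits if status]

def build_sample_war():
    """Constructed in-memory WAR with empty jar entries, for the demo only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("WEB-INF/lib/struts2-core-2.3.34.jar",
                     "WEB-INF/lib/commons-io-2.6.jar",
                     "WEB-INF/lib/struts2-core-2.5.17.jar"):
            zf.writestr(name, b"")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for entry, status in scan_war(build_sample_war()):
        print(f"{status:12} {entry}")
```

Jars that were renamed or repackaged into another archive will not match the filename pattern, so treat an empty result as inconclusive.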
Cisco Umbrella API Unauthorized Access Vulnerability (CVE-2018-0435)
The second critical vulnerability patched by Cisco resides in the Cisco Umbrella API that could allow an authenticated, remote attacker to view and modify data across their organization as well as other organizations.
Cisco Umbrella is a cloud cyber security platform that provides the first line of defense against threats over all ports and protocols by blocking access to malicious domains, URLs, IPs, and files before a connection is ever established or a file is downloaded.
The vulnerability is due to insufficient authentication configurations for the API interface of Cisco Umbrella, and successful exploitation could allow an attacker to read or modify data across multiple organizations.
Cisco has addressed this vulnerability in the Cisco Umbrella production APIs. No user action is required.
Cisco Routers Management Interface Buffer Overflow Vulnerability (CVE-2018-0423)
The last, but not least, critical vulnerability resides in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router, and could allow an unauthenticated, remote attacker to execute arbitrary code or cause a DoS condition.
The flaw occurs due to improper boundary restrictions on user-supplied input in the Guest user feature of the web-based management interface.
To exploit this vulnerability, an attacker can send malicious requests to a targeted device, triggering a buffer overflow condition.
“A successful exploit could allow the attacker to cause the device to stop responding, resulting in a denial of service condition, or could allow the attacker to execute arbitrary code,” the company explains.
This vulnerability affects all releases of Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router.
Cisco has addressed this vulnerability in firmware release 126.96.36.199 for the Cisco RV130W Wireless-N Multifunction VPN Router, and will not release firmware updates for the Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router.
According to the company’s Product Security Incident Response Team (PSIRT), Apache Struts is being exploited in the wild, while the team is not aware of any exploits leveraging the other two critical flaws.
Source: The Hack News