Tuesday, July 16, 2024
EHA

Cisco Released Security Updates and Fixed Critical Vulnerabilities that Affected Cisco Products

Cisco Security updates released with fixes for 8 vulnerabilities that affected the Cisco products and one those flaws allow remote attackers to execute the arbitrary code and taking the system control.

Security updates contain 2 severity flow fixed under “Critical” category and the remaining 6 vulnerabilities are addressed under “Medium” severity.

Cisco does not provide vulnerability details that could enable someone to craft an exploit and the fixed vulnerabilities are affected directly by the Cisco products.

Critical Vulnerabilities Under Cisco Security updates 

 1. Denial of Service Vulnerability (CVE-2018-0368

A critical vulnerability existing in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms allow a remote attacker can perform reload the process leads to perform denial of service (DoS) attack.

Improper handling of fragmented IPv4 packets Allows an attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device.

2. Web UI Command Injection Vulnerability(CVE-2018-0341)

A command injection vulnerability affected the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware which allow an attacker perform a command injection and execute commands with the privileges of the web server.

Medium Severity Vulnerabilities

1.Credential Logging Information Disclosure Vulnerability (CVE-2018-0368 )

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system.

2. Denial of Service Vulnerability (CVE-2018-0385)

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an attacker to perform a denial of service (DoS) condition due to the Snort process unexpectedly restarting.

3. Access Control Policy Bypass Vulnerability (CVE-2018-0384)

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system.

4. Policy Bypass Vulnerability (CVE-2018-0383)

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP.

5. Denial of Service Vulnerability (CVE-2018-0370)

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing.
 
6. Cross-Site Scripting Vulnerability (CVE-2018-0366)
 

A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

Also Read

Microsoft Released Security Updates for July and Fixed 53 Security Vulnerabilities

Debian Released Security Updates for July and Fixed Multiple Package Vulnerabilities

Apple Released Security Updates for iOS, macOS, Safari, iTunes – iOS 11.4.1 Released

Website

Latest articles

Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as...

Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months

The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS)...

GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data

A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to...

ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution

ViperSoftX is an advanced malware that has become more complicated since its recognition in...

Malicious NuGet Campaign Tricking Developers To Inject Malicious Code

Hackers often target NuGet as it's a popular package manager for .NET, which developers...

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Airlines often become the target of hackers as they contain sensitive personal and financial...

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles