332 replies to this topic

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Video Communication Server and Expressway Trusted Certificate Authentication Bypass Vuln
- https://tools.cisco....sa-20160706-vcs
2016 July 6 v1.0 - "Summary: A vulnerability in certificate management and validation for the Mobile and Remote Access (MRA) feature for Cisco Expressway Series and TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to bypass authentication and access internal HTTP system resources. The vulnerability is due to lack of proper input validation of a trusted certificate. An attacker could exploit this vulnerability by connecting to the targeted device with a trusted certificate. An exploit could allow the attacker to bypass authentication and access internal HTTP system resources. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software versions X8.1 and later are affected...
- http://www.securityt....com/id/1036237
CVE Reference: CVE-2016-1444
Jul 7 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): X8.1 and after ...
The vendor has assigned bug ID CSCuz64601 to this vulnerability.
Impact: A remote user can bypass authentication and access internal web resources on the target system.
Solution: The vendor has issued a fix...
___

Cisco AMP Threat Grid Unauthorized Clean IP Access Vuln
- https://tools.cisco....-sa-20160706-tg
2016 July 6 v1.0 - "Summary: A vulnerability in the virtual network stack of the Cisco AMP Threat Grid Appliance could allow an unauthenticated, remote attacker to access internal interfaces within the appliance. The vulnerability is due to insufficient isolation between the sandbox and other internal components. An attacker could exploit this vulnerability by submitting a malware sample crafted to exploit this flaw. An exploit could allow the attacker to intercept interprocess calls and allow them to access, modify, and delete information from the system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco AMP Threat Grid Appliance running a software version prior to 2.1.1 is affected by this issue. This issue does not affect Cisco AMP Threat Grid Cloud...
Fixed Software: Cisco provides information about fixed software in Cisco bugs, which are accessible through the Cisco Bug Search Tool: https://bst.cloudapp...earch/bug/BUGID
When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at:

- http://www.cisco.com/go/psirt  
and review subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. This vulnerability is resolved in Cisco AMP Threat Grid Appliance Software 2.1.1 and later..."
 

  

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco IOS XR for NCS 6000 Packet Timer Leak DoS Vuln
- https://tools.cisco....-20160713-ncs6k
2016 July 13 v1.0 High - "Summary: A vulnerability in the management of system timer resources in Cisco IOS XR for Cisco Network Convergence System 6000 (NCS 6000) Series Routers could allow an unauthenticated, remote attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the Route Processor (RP) on the affected platform. The vulnerability is due to improper management of system timer resources. An attacker could exploit this vulnerability by sending a number of Secure Shell (SSH), Secure Copy Protocol (SCP), and Secure FTP (SFTP) management connections to an affected device. An exploit could allow the attacker to cause a leak of system timer resources, leading to a nonoperational state and an eventual reload of the RP on the affected platform. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability...
Vulnerable Products: Cisco NCS 6000 running an affected version of Cisco IOS XR is vulnerable when configured to process SSH, SCP, and SFTP management connections to the device. For information about which Cisco IOS XR Software releases for Cisco NCS 6000 are vulnerable, see the "Fixed Software" section of this advisory. This vulnerability can be exploited using both IPv4 and IPv6 packets. The vulnerability can be triggered by SSH, SCP, or SFTP management connections destined to TCP listening port 22 or other TCP ports configured for those services, and using an IPv4 or IPv6 unicast address of any interface configured on a device...
- http://www.securityt....com/id/1036295
CVE Reference: https://cve.mitre.or...e=CVE-2016-1426
Jul 13 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): IOS XR for Network Convergence System 6000 Series Routers ...
The vendor has assigned bug ID CSCux76819 to this vulnerability.
Impact: A remote user can cause the target system to stop functioning and the Route Processor (RP) on the target system to eventually reload.
Solution: The vendor has issued a fix...
___

Cisco ASR 5000 Series SNMP Community String Disclosure Vuln
- https://tools.cisco....sa-20160713-asr
2016 July 13 v1.0 - "Summary: A vulnerability in SNMP configuration management in the Cisco ASR 5000 Series could allow an unauthenticated, remote attacker to read and modify the device configuration using an SNMP read-write community string. The vulnerability occurs because the configured SNMP community string is not confidential. An attacker could perform an SNMP query to the affected device to view the SNMP community string. An exploit could allow the attacker to read and modify the device configuration using the disclosed SNMP read-write community string. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco ASR 5000 Series prior to versions 19.4 and 20.1 are affected...
- http://www.securityt....com/id/1036298
CVE Reference: https://cve.mitre.or...e=CVE-2016-1452
Jul 14 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5000 Series; prior to 19.4 and 20.1 ...
The vendor has assigned bug ID CSCuz29526 to this vulnerability.
Impact: A remote user can obtain the SNMP read-write community string on the target system.
Solution: The vendor has issued a fix...
___

Cisco Adaptive Security Appliance Access Control List ICMP Echo Request Code Filtering Vuln
- https://tools.cisco....sa-20160711-asa
2016 July 11 v1.0 - "Summary: A vulnerability in the Cisco Adaptive Security Appliance (ASA) Software implementation of access control list (ACL) permit and deny filters for ICMP Echo Reply messages could allow an unauthenticated, remote attacker to bypass ACL configurations for an affected device. ICMP traffic that should be denied may instead be allowed through an affected device. The vulnerability is due to the implementation of ACL-based filters for ICMP Echo Requests and the range of ICMP Echo Request subtypes. An attacker could exploit this vulnerability by sending ICMP Echo Request traffic to an affected device. A successful exploit could allow the attacker to bypass ACL configurations for the device, which could allow traffic that should be denied to instead be allowed through the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: This vulnerability affects Cisco Adaptive Security Appliance (ASA) Software Releases 8.2 through 9.4.3.3...
- http://www.securityt....com/id/1036271
CVE Reference: https://web.nvd.nist...d=CVE-2016-1445
Jul 12 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.2 - 9.4.3.3 ...
The vendor has assigned bug ID CSCuy25163 to this vulnerability.
Impact: A remote user can bypass the ICMP filters to access hosts or resources on the protected network.
Solution: The vendor has issued a fix...
___

- https://www.us-cert....ecurity-Updates
July 14, 2016
 

Edited by AplusWebMaster, 14 July 2016 - 08:34 AM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco WebEx Meetings Server Administrator Interface SQL Injection Vuln
- https://tools.cisco....sa-20160714-wms
2016 July 14 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected system. An exploit could allow the attacker to gather information from the database. Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.6 is affected...
- http://www.securityt....com/id/1036312
CVE Reference: CVE-2016-1446
Jul 15 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6 ...
The vendor has assigned bug ID CSCuy83200 to this vulnerability.
Impact: A remote authenticated user can execute SQL commands on the underlying database.
Solution: The vendor has issued a fix...
___

Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vuln
- https://tools.cisco....a-20160714-wms1
2016 July 14 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to visit a malicious URL. A successful exploit could allow the attacker to conduct reflected XSS attacks in the user’s browser session, which could be used to conduct further attacks. Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.6 is affected...
- http://www.securityt....com/id/1036314
CVE Reference: CVE-2016-1447
Jul 15 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6 ...
The vendor has assigned bug ID CSCuy83194 to this vulnerability.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the Cisco WebEx Meetings Server administrator interface, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix...
___

Cisco WebEx Meetings Server Administrator Interface Cross-Site Request Forgery Vuln
- https://tools.cisco....a-20160714-wms2
2016 July 14 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by convincing the user of the affected system to follow a malicious link or visit an attacker-controlled website. A successful exploit could allow an attacker to submit arbitrary requests to the affected device via the affected web browser with the privileges of the user. Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.7 is affected...
- http://www.securityt....com/id/1036320
CVE Reference: CVE-2016-1448
Jul 16 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.7 ...
The vendor has assigned bug ID CSCuy92706 to this vulnerability.
Impact: A remote user can take actions on the target system acting as the target authenticated user.
Solution: The vendor has issued a fix...
___

Cisco WebEx Meetings Server Reflected Cross-Site Scripting Vuln
- https://tools.cisco....a-20160714-wms3
2016 July 14 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform reflected cross-site scripting (XSS) attacks. The vulnerability is due to insufficient validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by persuading a user to click a crafted URL that is designed to submit malicious code to the affected software. A successful exploit would allow an attacker to execute malicious code in the context of the user. Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.6 is affected...
- http://www.securityt....com/id/1036313
CVE Reference: CVE-2016-1449
Jul 15 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6 ...
The vendor has assigned bug ID CSCuy92711 to this vulnerability.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Cisco WebEx Meetings Server software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix...
___

Cisco WebEx Meetings Server Command Injection Vuln
- https://tools.cisco....a-20160714-wms4
2016 July 14 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability occurs due to the expectation of a certain file type during an upload. An attacker could exploit this vulnerability by using crafted command arguments on the system. An exploit could allow the attacker to perform a command injection attack, which could allow the attacker to execute arbitrary commands on the system. Cisco released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.6 is affected...
- http://www.securityt....com/id/1036315
CVE Reference: CVE-2016-1450
Jul 15 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6 ...
The vendor has assigned bug ID CSCuy92715 to this vulnerability.
Impact: A remote authenticated user can execute arbitrary commands on the target system.
Solution: The vendor has issued a fix...
 

Edited by AplusWebMaster, 16 July 2016 - 05:06 AM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Unified Computing System Performance Manager Input Validation Vuln
- https://tools.cisco....0160720-ucsperf
2016 July 20 v1.0 Critical - "Summary: A vulnerability in the web framework of Cisco Unified Computing System (UCS) Performance Manager could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to insufficient input validation performed on parameters that are passed via an HTTP GET request. An attacker could exploit this vulnerability by sending crafted HTTP GET requests to an affected system. An exploit could allow the attacker to execute arbitrary commands with the privileges of the root user. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco UCS Performance Manager versions 2.0.0 and prior are affected...
Cisco Bug IDs: CSCuy07827 ...
- http://www.securityt....com/id/1036410
CVE Reference: CVE-2016-1374
Jul 20 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Performance Manager 2.0.0 and prior...
The vendor has assigned bug ID CSCuy07827 to this vulnerability.
Impact: A remote authenticated user can execute arbitrary commands with root privileges on the target system.
Solution: The vendor has issued a fix (Performance Manager 2.0.1)...

- https://www.us-cert....Security-Update
July 20, 2016
 

Edited by AplusWebMaster, 20 July 2016 - 03:48 PM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Nexus 1000v Application Virtual Switch Cisco Discovery Protocol Packet Processing DoS Vuln
- https://tools.cisco....sa-20160727-avs
2016 July 27 v1.0 - "Summary: A vulnerability in Cisco Discovery Protocol packet processing for the Cisco Nexus 1000v Application Virtual Switch (AVS) could allow an unauthenticated, remote attacker to cause the ESXi hypervisor to crash and display a purple diagnostic screen, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation of Cisco Discovery Protocol packets, which could result in a crash of the ESXi hypervisor due to an out-of-bound memory access. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a targeted device. An exploit could allow the attacker to cause a DoS condition.
Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Nexus 1000v AVS versions prior to 5.2(1)SV3(1.5i) and prior to 5.2(1)SV3(1.6) are vulnerable...
- http://www.securityt....com/id/1036469
CVE Reference: CVE-2016-1465
Jul 27 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Nexus 1000v AVS; prior to 5.2(1)SV3(1.5i) and prior to 5.2(1)SV3(1.6) ...
The vendor has assigned bug ID CSCuw57985 to this vulnerability.
Impact: A remote user can cause the target ESXi hypervisor to crash and display a purple diagnostic screen.
Solution: The vendor has issued a fix...
___

Cisco Prime Service Catalog Reflected Cross-Site Scripting Vuln
- https://tools.cisco....sa-20160727-psc
2016 July 27 v1.0 - "Summary: A vulnerability in the HTTP web-based management interface of the Cisco Prime Service Catalog (PSC) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link... Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Prime Service Catalog version 11.0 is affected...
- http://www.securityt....com/id/1036472
CVE Reference: CVE-2016-1462
Jul 28 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 11.0 ...
The vendor has assigned bug ID CSCuz63795 to this vulnerability.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Cisco Prime Service Catalog software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix...
 

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco RV110W, RV130W, and RV215W Routers Static Credential Vuln
- https://tools.cisco....803-rv110_130w2
2016 Aug 3 v1.0 Critical - "Summary: A vulnerability in the default account when used with a specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to gain root access to the device. The account could incorrectly be granted root privileges at authentication time. The vulnerability is due to improper role-based access control (RBAC) of the default account. The default account should never be allowed root privileges and should, in all cases, be read-only. An attacker could exploit this vulnerability by logging into the targeted device using the default account. An exploit could allow the attacker to authenticate to the device using the default account and be assigned root privileges. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: The following Cisco products are affected by this vulnerability for all firmware versions until the first fixed version.
    RV110W Wireless-N VPN Firewall
    RV130W Wireless-N Multifunction VPN Router
    RV215W Wireless-N VPN Router
The web-based management interface is available for these devices via a local LAN connection or the remote management feature. By default, the remote management feature is disabled for the affected devices...
- http://www.securityt....com/id/1036524
CVE Reference: CVE-2015-6397
Aug 3 2016
Fix Available:  Yes  Vendor Confirmed:  Yes
The vendor has assigned bug IDs CSCuv90139, CSCux58175, and CSCux73557 to this vulnerability.
Impact: A remote authenticated user can gain root privileges on the target system.
Solution: The vendor has issued a fix...
___

Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing DoS Vuln
- https://tools.cisco....sa-20160803-ucm
2016 Aug 3 v1.0 High - "Summary: A vulnerability in Session Initiation Protocol (SIP) processing functions of the Cisco Unified Communications Manager Instant Messaging (IM) and Presence Service could allow an unauthenticated, remote attacker to cause the Cisco SIP Proxy Daemon (sipd) process to restart unexpectedly, resulting in a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of SIP packet headers. An attacker could exploit this vulnerability by sending a crafted SIP packet to a targeted system. A successful exploit could allow the attacker to cause the sipd process to restart unexpectedly, resulting in a DoS condition on the system. If the sipd process restarts repeatedly, a successful exploit could also result in a sustained DoS condition and cause high disk utilization due to a large number of sipd core files being written to disk, which could exacerbate the DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: This vulnerability affects Cisco Unified Communications Manager IM and Presence Service versions 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1). To determine whether a vulnerable version of the Cisco Unified Communications Manager IM and Presence Service is running on a device, administrators can use the show version active command in the command-line interface (CLI) for the device...
- http://www.securityt....com/id/1036526
CVE Reference: CVE-2016-1466
Aug 3 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): IM and Presence Service versions 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, 11.5(1)
The vendor has assigned bug ID CSCva39072 to this vulnerability.
Impact: A remote user can cause the target sipd service to restart.
Solution: The vendor has issued a fix...
___

Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vuln
- https://tools.cisco....803-rv110_130w1
2016 Aug 3 v1.0 - "Summary: A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges. The vulnerability is due to insufficient input validation of user-controlled input parameters entered at the CLI. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input parameters to certain commands. A successful exploit could allow an authenticated attacker to execute arbitrary shell commands or scripts on the affected device. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: The following Cisco products are affected by this vulnerability for all firmware versions until the first fixed version.
    RV110W Wireless-N VPN Firewall
    RV130W Wireless-N Multifunction VPN Router
    RV215W Wireless-N VPN Router
The web-based management interface is available for these devices via a local LAN connection or the remote management feature. By default, the remote management feature is disabled for the affected devices...
- http://www.securityt....com/id/1036528
CVE Reference: CVE-2015-6396
Aug 3 2016
Fix Available:  Yes  Vendor Confirmed:  Yes
The vendor has assigned bug IDs CSCuv90134, CSCux58161, and CSCux73567 to this vulnerability.
Impact: A local user can obtain administrator privileges on the target system.
Solution: The vendor has issued a fix...
___

Cisco TelePresence Video Communication Server Expressway Command Injection Vuln
- https://tools.cisco....a-20160803-vcse
2016 Aug 3 v1.0 - "Summary: A vulnerability in the administrative web interface of Cisco TelePresence Video Communication Server Expressway could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to the failure to properly sanitize user input passed to the affected system's scripts. An attacker could exploit this vulnerability by submitting crafted input to the affected fields of the web interface. Successful exploitation of this vulnerability could allow an attacker to run arbitrary commands on the system. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco TelePresence Video Communication Server Expressway version X8.5.2 is vulnerable...
- http://www.securityt....com/id/1036529
CVE Reference: CVE-2016-1468
Aug 3 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): VCS Expressway X8.5.2
The vendor has assigned bug ID CSCuv12531 to this vulnerability.
Impact: A remote authenticated user can execute arbitrary commands on the target system.
Solution: The vendor has issued a fix...
 

Edited by AplusWebMaster, 04 August 2016 - 10:32 AM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco IOS Software Crafted Network Time Protocol Packets DoS Vuln
- https://tools.cisco....-20160804-wedge
2016 Aug 4 V1.0 High - "Summary: A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability...
Vulnerable Products: The following releases of Cisco IOS Software are affected by this vulnerability:
    15.5(3)S3
    15.6(1)S2
    15.6(2)S1
    15.6(2)T1
Cisco devices running an affected version of IOS Software are vulnerable if they are configured for NTP operations. NTP is not enabled in Cisco IOS Software by default...
- http://www.securityt....com/id/1036541
CVE Reference: CVE-2016-1478
Aug 4 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, 15.6(2)T1 ...
The vendor has assigned bug ID CSCva35619 to this vulnerability.
Impact: A remote user can cause denial of service conditions.
Solution: The vendor has issued a fix...
 

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet DoS Vuln
- https://tools.cisco....-20160810-iosxr
2016 Aug 10 v1.0 High - "Summary: A vulnerability in the driver processing functions of Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a memory leak on the route processor (RP) of an affected device, which could cause the device to drop all control-plane protocols and lead to a denial of service condition (DoS) on a targeted system. The vulnerability is due to improper handling of crafted, fragmented packets that are directed to an affected device. An attacker could exploit this vulnerability by sending crafted, fragmented packets to an affected device for processing and reassembly. A successful exploit could allow the attacker to cause a memory leak on the RP of the device, which could cause the device to drop all control-plane protocols and eventually lead to a DoS condition on the targeted system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, there are mitigations for this vulnerability...
Vulnerable Products: This vulnerability affects Cisco IOS XR Software Releases 5.1.x, 5.2.x, and 5.3.x, prior to the first fixed release or applicable update for those releases, running on Cisco ASR 9001 Aggregation Services Routers. Cisco ASR 9001 Aggregation Services Routers are vulnerable by default if they are running a vulnerable release of Cisco IOS XR Software. This vulnerability can be exploited by sending crafted, fragmented IPv4 or IPv6 packets requiring reassembly to the IPv4 or IPv6 unicast address of any interface that is configured on an affected device. The vulnerability can be triggered only by traffic that is destined to an affected device. It cannot be triggered by traffic that is transiting an affected device... To determine which Cisco IOS XR Software release is running on a device and the name of the device on which it is running, administrators can log in to the device and use the show version command in the command-line interface (CLI). If the device is running Cisco IOS XR Software, Cisco IOS XR Software or similar text appears in the system banner. The name of the hardware product appears on the line after the location of the system image file...
- http://www.securityt....com/id/1036585
CVE Reference: CVE-2016-6355
Aug 10 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 9001 Series; IOS XR 5.1.x, 5.2.x, 5.3.x ...
The vendor has assigned bug ID CSCux26791 to this vulnerability.
Impact: A remote user can cause all control-plane protocols to be dropped.
Solution: The vendor has issued a fix (5.3.3). Software Maintenance Updates (SMUs) are also available for prior affected versions...

- https://www.us-cert....curity-Update-0
Aug 12, 2016
___

Cisco IOS and IOS XE Software Crafted Network Time Protocol Packets DoS Vuln
- https://tools.cisco....-20160804-wedge
2016 Aug 9 v1.1 High - "Summary: A vulnerability in the processing of Network Time Protocol (NTP) packets by Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. The vulnerability is due to insufficient checks on clearing the invalid NTP packets from the interface queue. An attacker could exploit this vulnerability by sending a number of crafted NTP packets to be processed by an affected device. An exploit could allow the attacker to cause an interface wedge and an eventual denial of service (DoS) condition on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability; however, there is a mitigation for this vulnerability...
Vulnerable Products: The following releases of Cisco IOS Software and the corresponding releases of IOS XE Software are affected by this vulnerability:
    15.5(3)S3 - 3.16.3S
    15.6(1)S2 - 3.17.2S
    15.6(2)S1 - 3.18.1S
    15.6(2)T1
Cisco devices running an affected version of IOS or IOS XE Software are vulnerable if they are configured for NTP operations. NTP is not enabled in Cisco IOS or IOS XE Software by default..."
Cisco Bug IDs: CSCva35619
___

Cisco Connected Streaming Analytics Unauthorized Access Vuln
- https://tools.cisco....sa-20160810-csa
2016 Aug 10 v1.0 - "Summary: A vulnerability in the administrative web interface of Cisco Connected Streaming Analytics could allow an authenticated, remote attacker to obtain sensitive information. The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the administrative web interface are accessed. An authenticated attacker who can view the affected configuration page of an affected system could obtain a service password used for event and report notification. This could allow the attacker to use the affected service to send notifications as the authorized system if additional restrictions are not in place on the targeted service. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Connected Streaming Analytics version 1.1.1 is vulnerable...
Cisco Bug IDs: CSCuz92891 ...
 

Edited by AplusWebMaster, 12 August 2016 - 03:05 PM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms ARP Request Handling DoS Vuln
- https://tools.cisco....0160608-aironet
2016 Aug 12 v1.1 - "Summary: A vulnerability exists in Cisco Access Point (AP) platforms when processing Address Resolution Protocol (ARP) packets that could allow an unauthenticated, adjacent attacker to inject crafted entries into the ARP table and eventually cause a reload of the affected device. The vulnerability is due to improper processing of illegal ARP packets. An attacker could exploit this vulnerability by sending crafted ARP packets to be processed by an affected device. An exploit could allow the attacker to inject crafted entries in the ARP table and eventually cause a reload of the device. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Aironet 1800, 2800, and 3800 AP platforms running software versions prior to the first fixed version of 8.2.121.0 or 8.3.102.0 are vulnerable...
- http://www.securityt....com/id/1036626
CVE Reference: CVE-2016-1419
Aug 16 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Models 1800, 2800, and 3800; prior to versions 8.2.121.0 and 8.3.102.0 ...
Cisco Aironet 1800, 2800, and 3800 Access Point platforms are affected.
The vendor has assigned bug IDs CSCuy55803 and CSCuz64127 to this vulnerability.
Impact: A remote user can cause the target system to reload.
Solution: The vendor has issued a fix (8.2.121.0 and 8.3.102.0)...
 

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Firepower Management Center Remote Command Execution Vuln
- https://tools.cisco....sa-20160817-fmc
2016 Aug 17 v1.1 Critical - "Summary: A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due to insufficient authorization checking. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Firepower Management Center and Cisco ASA 5500-X Series with FirePOWER Services versions 5.4.0, 5.3.1, 5.3.0.4, 5.2.0, and 4.10.3.9 are affected...

- http://www.securityt....com/id/1036642
CVE Reference: CVE-2016-1457
Aug 17 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5500-X Series with FirePOWER Services; 4.10.3.9, 5.2.0, 5.3.0.4, 5.3.1, 5.4.0
The vendor has assigned bug ID CSCur25513 to this vulnerability.
Impact: A remote authenticated user can execute arbitrary commands on the target system with root privileges.
Solution: The vendor has issued a fix (5.3.1.2, 5.4.0.1, 5.4.1, 6.0.0).
___

Cisco Firepower Management Center Privilege Escalation Vuln
- https://tools.cisco....60817-firepower
2016 Aug 17 v1.0 Critical - "Summary: A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to elevate the privileges of user accounts configured on the device. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Firepower Management Center and ASA 5500-X Series with FirePOWER Services versions 5.4.0, 5.3.1, 5.3.0, 5.2.0, and 4.10.3 are affected...
CVE-2016-1458
Cisco Bug IDs: CSCur25483
___

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vuln
- https://tools.cisco....a-20160817-apic
2016 Aug 17 v1.0 High - "Summary: A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient input sanitization during the Grapevine update process. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands into an upgrade parameter. An exploit could allow the attacker to execute arbitrary commands on the affected system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: This vulnerability affects Cisco APIC-EM software release 1.0...  
- http://www.securityt....com/id/1036634
CVE Reference: CVE-2016-1365
Aug 17 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): APIC-EM 1.0 ...
The vendor has assigned bug ID CSCux15507 to this vulnerability.
Impact: A remote authenticated user can execute arbitrary operating system commands on the target system with root privileges.
Solution: The vendor has issued a fix (1.1)...
___

Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms AMPDU DoS Vuln
- https://tools.cisco....sa-20160817-aap
2016 Aug 17 v1.0 High - "Summary: A vulnerability in the Aggregated MAC Protocol Data Unit (AMPDU) implementation in Cisco Access Point (AP) platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability is due to incomplete input validation of the AMPDU packet header. An attacker could exploit this vulnerability by sending a crafted AMPDU packet to the targeted device. An exploit could allow the attacker to cause the device to reload unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: Cisco Aironet 1800, 2800, and 3800 AP platforms running software versions prior to the first fixed version of 8.2.121.0 or 8.3.102.0 are vulnerable...
- http://www.securityt....com/id/1036648
CVE Reference: CVE-2016-6361
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Models 1800, 2800, and 3800; prior to versions 8.2.121.0 and 8.3.102.0
The vendor has assigned bug ID CSCuz56288 to this vulnerability.
Impact: A remote user can cause the target system to reload.
Solution: The vendor has issued a fix (8.2.121.0, 8.3.102.0)...
___

Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms CLI Privilege Escalation Vuln
- https://tools.cisco....a-20160817-aap1
2016 Aug 17 v1.0 - "Summary: A vulnerability in command execution from the command line-interface (CLI) of Cisco Access Point (AP) platforms could allow an authenticated, local attacker to perform privilege escalation to root-level privileges. The vulnerability occurs because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit this vulnerability by authenticating to the affected device, crafting user input parameters for certain commands, and executing the command at the CLI. An exploit could allow the attacker to elevate privileges to the -root- level. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: Cisco Aironet 1800, 2800, and 3800 AP platforms running software versions prior to the first fixed version of 8.2.110.0, 8.2.121.0, or 8.3.102.0 are vulnerable...
- http://www.securityt....com/id/1036644
CVE Reference: CVE-2016-6362
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Models 1800, 2800, and 3800; prior to versions 8.2.110.0, 8.2.121.0 and 8.3.102.0
The vendor has assigned bug ID CSCuz24725 to this vulnerability.
Impact: A local user can obtain root privileges on the target system.
Solution: The vendor has issued a fix (8.2.110.0, 8.2.121.0, 8.3.102.0)...
___

Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms 802.11 Protocol DoS Vuln
- https://tools.cisco....a-20160817-aap2
2016 Aug 17 v1.0 - "Summary: A vulnerability in the 802.11 wireless LAN protocol for Cisco Access Point (AP) platforms could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to rate limiting of 802.11 traffic. An attacker could exploit this vulnerability by sending crafted 802.11 traffic to the targeted adjacent device. An exploit could allow the attacker to cause the device to reload unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
- http://www.securityt....com/id/1036645
CVE Reference: CVE-2016-6363
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Models 1800, 2800, and 3800; prior to versions 8.2.121.0 and 8.3.102.0
The vendor has assigned bug ID CSCva06192 to this vulnerability.
Impact: A remote user on the wireless network can cause the target system to reload.
Solution: The vendor has issued a fix (8.2.121.0, 8.3.102.0)...
___

Cisco WebEx Meetings Server Information Disclosure Vuln
- https://tools.cisco....a-20160817-wms1
2016 Aug 17 v1.0 - "Summary: A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data. The vulnerability is due to lack of proper authentication controls. An attacker could exploit this vulnerability to learn sensitive information about the application. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco WebEx Meetings Server version 2.6 is vulnerable...
- http://www.securityt....com/id/1036649
CVE Reference: CVE-2016-1484
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.6
The vendor has assigned bug ID CSCuy92724 to this vulnerability.
Impact: A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix...
___

Cisco IP Phone 8800 Series DoS Vuln
- https://tools.cisco....sa-20160817-ipp
2016 Aug 17 v1.0 - "Summary: A vulnerability in the web server of the Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of user-supplied input by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected device. A successful exploit could cause memory corruption that results in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco IP Phone 8800 Series version 11.0(1) is vulnerable...
- http://www.securityt....com/id/1036646
CVE Reference: CVE-2016-1479
Aug 18 2016
The vendor has assigned bug ID CSCuz03038 to this vulnerability.
Impact: A remote user can cause denial of service conditions.
Solution: The vendor has issued a fix.
___

Cisco Identity Services Engine Admin Dashboard Page Cross-Site Scripting Vuln
- https://tools.cisco....sa-20160817-ise
2016 Aug 17 v1.0 - "Summary: A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user's request and injecting malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Identity Services Engine software release 1.3(0.876) is vulnerable...
- http://www.securityt....com/id/1036647
CVE Reference: CVE-2016-1485
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.3(0.876)...
The vendor has assigned bug ID CSCva46497 to this vulnerability.
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the Cisco Identity Services Engine interface, access data recently submitted by the target user via web form to the interface, or take actions on the interface acting as the target user.
Solution: The vendor has issued a fix.
___

Cisco Adaptive Security Appliance CLI Remote Code Execution Vuln
- https://tools.cisco....0160817-asa-cli
2016 Aug 17 v1.0 - "Summary: A vulnerability in the command-line interface (CLI) parser of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, local attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. An attacker could exploit this vulnerability by invoking certain invalid commands in an affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: Cisco Adaptive Security Appliance (ASA) Software Releases earlier than 8.4(1) are vulnerable. An attacker must have local access and be authenticated to exploit this vulnerability.
Affected Cisco ASA Software running on the following products may be affected by this vulnerability:
    Cisco ASA 5500 Series Adaptive Security Appliances
    Cisco ASA 5500-X Series Next-Generation Firewalls
    Cisco PIX Firewalls
    Cisco Firewall Services Module (FWSM)
Refer to the "Fixed Software" section for additional information about fixed releases...
- http://www.securityt....com/id/1036636
CVE Reference: CVE-2016-6367
Aug 17 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 5500 Series; 5500-X Series; prior to 8.4(1) ...
The following hardware devices may also be affected when running ASA software:
Cisco PIX Firewalls
Cisco Firewall Services Module (FWSM)
The vendor has assigned bug ID CSCtu74257 to this vulnerability...
Impact: A local user can cause denial of service conditions on the target system.
A local user can obtain root privileges on the target system.
Solution: The vendor has issued a fix (8.4(1))...
___

Cisco Unified Communications Manager Information Disclosure Vuln
- https://tools.cisco....sa-20160817-ucm
2016 Aug 17 v1.0 - "Summary: A vulnerability in the User Data Services (UDS) Application Programming Interface (API) for Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view confidential information that should require authentication. The vulnerability is due to improper authentication controls for certain information returned by the UDS API. An attacker could exploit this vulnerability by accessing the UDS API. An exploit could allow the attacker to view certain information that is confidential and should require authentication to retrieve via the UDS API. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available...
Vulnerable Products: Cisco Unified Communications Manager version 11.5 is vulnerable...
- http://www.securityt....com/id/1036650
CVE Reference: CVE-2016-6364
Aug 18 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 11.5 ...
The vendor has assigned bug ID CSCux67855 to this vulnerability.
Impact: A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix...

// ... slow response times @ Cisco - "It's in The Cloud" now. 07:30-10:00AM EDT

 

Edited by AplusWebMaster, 18 August 2016 - 11:08 AM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Adaptive Security Appliance SNMP Remote Code Execution Vuln
- https://tools.cisco....160817-asa-snmp
2016 Aug 18 v1.2 High - "Summary: A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area.  The vulnerability affects all versions of SNMP. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability.
Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. Cisco will release software updates that address this vulnerability. Mitigations are listed in the "Workarounds" section of this advisory...
 Vulnerable Products: Affected Cisco ASA Software running on the following products may be affected by this vulnerability:
    Cisco ASA 5500 Series Adaptive Security Appliances
    Cisco ASA 5500-X Series Next-Generation Firewalls
    Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    Cisco ASA 1000V Cloud Firewall
    Cisco Adaptive Security Virtual Appliance (ASAv)
    Cisco Firepower 4100 Series
    Cisco Firepower 9300 ASA Security Module
    Cisco Firepower Threat Defense Software
    Cisco Firewall Services Module (FWSM)*
    Cisco Industrial Security Appliance 3000
    Cisco PIX Firewalls*
All versions of SNMP are affected by this vulnerability. Refer to the "Fixed Software" section of this security advisory for more information about the affected releases...
Workarounds: Administrators are advised to allow only trusted users to have SNMP access and to monitor affected systems using the snmp-server host command.
The SNMP* chapter of the Cisco ASA Series General Operations CLI Configuration Guide explains how SNMP is configured in the Cisco ASA.
* http://www.cisco.com...nitor-snmp.html
Cisco Bug ID: CSCva92151
> https://web.nvd.nist...d=CVE-2016-6366
___

Cisco Adaptive Security Appliance CLI Remote Code Execution Vuln
- https://tools.cisco....0160817-asa-cli
2016 Aug 18 v1.1 - "Summary: A vulnerability in the command-line interface (CLI) parser of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, local attacker to create a denial of service (DoS) condition or potentially execute arbitrary code. An attacker could exploit this vulnerability by invoking certain invalid commands in an affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: Cisco Adaptive Security Appliance (ASA) Software Releases earlier than 8.4(3) are vulnerable. An attacker must have local access and be authenticated to exploit this vulnerability. Affected Cisco ASA Software running on the following products may be affected by this vulnerability:
    Cisco ASA 5500 Series Adaptive Security Appliances
    Cisco ASA 5500-X Series Next-Generation Firewalls
    Cisco PIX Firewalls*
    Cisco Firewall Services Module (FWSM)*
Refer to the "Fixed Software" section for additional information about fixed releases...
* Note: Cisco Firewall Service Modules and Cisco PIX Firewalls have passed the last day of software support milestone as stated in the published End of Life (EoL) documents. Further investigations into these devices will not be performed, and fixed software will not be made available. Please see the following EoL documents for further information:
Cisco Firewall Services Module (FWSM):
> http://www.cisco.com...c51-699134.html
Cisco PIX Firewalls:
> http://www.cisco.com...ce-listing.html
Exploitation and Public Announcements: On August 15, 2016, Cisco was alerted to information posted online by the Shadow Brokers group, which claimed to possess disclosures from the Equation Group. The posted materials included exploits for firewall products from multiple vendors. The Cisco products mentioned were the PIX and ASA firewalls.
Source: The exploit of this vulnerability was publicly disclosed by the alleged Shadow Brokers group...
> https://web.nvd.nist...d=CVE-2016-6367
Cisco Bug ID: CSCtu74257
> https://sso.cisco.co...s/CDClogin.html

>> https://tools.cisco....ertId=ERP-56516
___

Cisco IOS and Cisco IOS XE Software OpenSSH TCP DoS Vuln
- https://tools.cisco....sa-20160620-isr
2016 Aug 18 v1.1 - "Summary: A vulnerability in the handling of Secure Shell (SSH) TCP packets in the Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to low memory on the device. The vulnerability is due to the handling of out-of-order, or otherwise invalid, TCP packets on an SSH connection to the device. An attacker could exploit this vulnerability by connecting via SSH to the device and then crafting TCP packets which are out of order or have invalid flags. An exploit could allow the attacker to cause the device to report low-memory warnings which could in turn cause a partial DoS condition...
Vulnerable Products: Cisco IOS and Cisco IOS XE Software are vulnerable.
... In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers...
Cisco Bug IDs: CSCuu13476
> https://web.nvd.nist...d=CVE-2015-6289
CVSS v3 Base Score: 7.5 High
___

- https://www.us-cert....ecurity-Updates
Aug 20, 2016
 

Edited by AplusWebMaster, 20 August 2016 - 03:52 AM.

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vuln
- https://tools.cisco....a-20160817-apic
2016 Aug 19 v1.1 High - "Summary: A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient input sanitization during the Grapevine update process. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands into an upgrade parameter. An exploit could allow the attacker to execute arbitrary commands on the affected system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: This vulnerability affects Cisco APIC-EM software releases 1.0 and 1.1...
Fixed Releases: This vulnerability is fixed in Cisco Application Policy Infrastructure Controller Enterprise Module release 1.2 and later...
Cisco Bug IDs: CSCux15507
- https://web.nvd.nist...d=CVE-2016-1365
Last revised: 08/19/2016
8.8 High
___

- https://www.us-cert....ecurity-Updates
Aug 20, 2016
 

[AplusWebMaster]

FYI...

Cisco ASA SNMP Remote Code Execution Vuln
- https://isc.sans.edu...l?storyid=21389
2016-08-21 - "Looking back through all the vulnerabilities announced this week, one caught my eye. CVE-2016-6366 is a vulnerability in the Cisco ASA products which could allow a remote attacker to remotely execute code. This vulnerability is part of the Equation Group disclosures and was not previously known by Cisco. The vulnerability is in the SNMP code on the ASA and would allow an attacker with knowledge of the SNMP community string to send crafted IPv4 SNMP traffic which could be used to reload the system or possibly exploit the system to gain control. The likelihood of being able to exploit this is -low- for those of us who have deployed in a secure manner:  
- management interfaces not exposed to hostile networks
- SNMP strings set to a secure value (non-default!)
- etc.
But for those of you who have needed to deploy Cisco ASA in a less than optimal configuration, you may want to keep an eye on this one. As always the answer is 'patch soon'!
There is a snort rule to detect the attempted exploitation of this vulnerability (Snort Rule ID: 3:39885).
See CCIRC* or Cisco's announcement for more details**."
* http://www.publicsaf...l16-016-en.aspx

Cisco Adaptive Security Appliance SNMP Remote Code Execution Vuln
** https://tools.cisco....160817-asa-snmp
2016 Aug 18 v1.2 High
- https://web.nvd.nist...d=CVE-2016-6366
Last revised: 08/19/2016
8.8 High
Cisco Bug IDs: CSCva92151
 

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Firepower Management Center Remote Command Execution Vuln
- https://tools.cisco....sa-20160817-fmc
2016 Aug 22 v1.1 Critical - "Summary: A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance (ASA) 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due to insufficient authorization checking. An attacker could exploit this vulnerability by sending crafted HTTP requests to the affected device. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Firepower Management Center and Cisco ASA 5500-X Series with FirePOWER Services versions 5.4.0, 5.3.1, 5.3.0.4, 5.2.0, and 4.10.3.9 are affected..."
> https://web.nvd.nist...d=CVE-2016-1457
Last revised: 08/19/2016
8.8 High
Cisco Bug IDs: CSCur25513
___

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vuln
- https://tools.cisco....a-20160817-apic
2016 Aug 19 v1.1 High - "Summary: A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the -root- user. The vulnerability is due to insufficient input sanitization during the Grapevine update process. An attacker could exploit this vulnerability by authenticating to the affected system with administrative privileges and inserting arbitrary commands into an upgrade parameter. An exploit could allow the attacker to execute arbitrary commands on the affected system with root-level privileges. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: This vulnerability affects Cisco APIC-EM software releases 1.0 and 1.1...
> https://web.nvd.nist...d=CVE-2016-1365
Last revised: 08/19/2016
8.8 High
Cisco Bug IDs: CSCux15507
___

Cisco Connected Streaming Analytics Unauthorized Access Vuln
- https://tools.cisco....sa-20160810-csa
2016 Aug 23 v1.2 - "Summary: A vulnerability in the administrative web interface of Cisco Connected Streaming Analytics could allow an authenticated, remote attacker to obtain sensitive information. The vulnerability is due to the inclusion of sensitive information in a server response when certain pages of the administrative web interface are accessed. An authenticated attacker who can view the affected configuration page of an affected system could obtain a service password used for event and report notification. This could allow the attacker to use the affected service to send notifications as the authorized system if additional restrictions are not in place on the targeted service. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Connected Streaming Analytics version 1.1.1 is vulnerable...
> https://web.nvd.nist...d=CVE-2016-1477
Last revised: 08/23/2016
6.5 Medium
Cisco Bug IDs: CSCuz92891
 

[AplusWebMaster]

FYI...

- https://tools.cisco....cationListing.x

Cisco Adaptive Security Appliance SNMP Remote Code Execution Vuln
- https://tools.cisco....160817-asa-snmp
2016 Aug 25 v1.4 High - "Summary: A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3) when enabled on a virtual or physical Cisco ASA device. An attacker could exploit this vulnerability by sending crafted SNMP packets to an SNMP-enabled interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability.
Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. The attacker requires knowledge of the configured SNMP community string in SNMP version 1 and SNMP version 2c or a valid username and password for SNMP version 3.
Cisco has released software updates that address this vulnerability. Mitigations are listed in the Workarounds section of this advisory...
Vulnerable Products: Affected Cisco ASA Software running on the following products may be affected by this vulnerability:
    Cisco ASA 5500 Series Adaptive Security Appliances
    Cisco ASA 5500-X Series Next-Generation Firewalls
    Cisco ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
    Cisco ASA 1000V Cloud Firewall
    Cisco Adaptive Security Virtual Appliance (ASAv)
    Cisco Firepower 4100 Series
    Cisco Firepower 9300 ASA Security Module
    Cisco Firepower Threat Defense Software
    Cisco Firewall Services Module (FWSM)*
    Cisco Industrial Security Appliance 3000
    Cisco PIX Firewalls*
All versions of SNMP are affected by this vulnerability. Refer to the Fixed Software section of this security advisory for more information about the affected releases...
* Note: Cisco Firewall Service Modules and Cisco PIX Firewalls have passed the last day of software support milestone as stated in the published End of Life (EoL) documents. Further investigations into these devices will not be performed, and fixed software will not be made available. Please see the following EoL documents for further information:
Cisco Firewall Services Module (FWSM):
- http://www.cisco.com...c51-699134.html
Cisco PIX Firewalls:
- http://www.cisco.com...ce-listing.html

- https://web.nvd.nist...d=CVE-2016-6366
8.8 High
Cisco Bug IDs: CSCva92151
___

Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vuln
- https://tools.cisco....sa-20160413-nms
2016 Aug 25 v1.1 - "Summary: Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port. The vulnerability is due to a failure to properly secure NMSP with authentication, which has been made standard in Cisco IOS Software releases 15.2(2)E1 and later. An attacker could exploit earlier software releases to map the network and gather information for further attacks. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 are affected...
CVE-2016-1378
Cisco Bug IDs: CSCum62591
___

Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vuln
- https://tools.cisco....0824-anyconnect
2016 Aug 24 v1.0 - "Summary: A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to incomplete input validation of path names and filenames of the file to be installed. An attacker could exploit this vulnerability by creating a modified INF file. An exploit could allow the attacker to execute commands on the underlying Microsoft Windows host with privileges equivalent to the SYSTEM account. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability...
Vulnerable Products: All software releases of Cisco AnyConnect Secure Mobility Client earlier than the first fixed releases of 4.2.05015 and 4.3.02039 are vulnerable...
- http://www.securityt....com/id/1036697
CVE Reference: CVE-2016-6369
Aug 26 2016
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 4.2.05015, 4.3.02039 ...
The vendor has assigned bug ID CSCuz92464 to this vulnerability.
Impact: A local user can obtain system privileges on the target system.
Solution: The vendor has issued a fix (4.2.05015, 4.3.02039)...
___

Cisco Identity Services Engine Admin Dashboard Page Cross-Site Scripting Vuln
- https://tools.cisco....sa-20160817-ise
2016 Aug 24 v1.1 - "Summary: A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user's request and injecting malicious code. An exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available...
Vulnerable Products: Cisco Identity Services Engine software release 1.3(0.876) is vulnerable...
CVE-2016-1485
Cisco Bug IDs: CSCva46497
___

- https://www.helpnets...abacon-exploit/
Aug 29, 2016
 

Edited by AplusWebMaster, 29 August 2016 - 04:52 AM.