CyberSecurity Asean security alert on Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution

This alert was originally published at cisecurity.org, where it can also be viewed.

OVERVIEW:
Multiple vulnerabilities have been discovered in Cisco products including Cisco FXOS Software, Cisco NX-OS Software, Cisco UCS Manager Software, Cisco Nexus 4000 Series Switch, Cisco Nexus 3000 and 9000 Series, Cisco UCS Fabric Interconnect Software, Cisco Firepower 4100 Series Next-Generation Firewall, Cisco Firepower 9300 Security Appliance, Cisco TelePresence Video Communication Server Expressway, Cisco Unified Communications Manager IM & Presence Service, Cisco Unified Communications Domain Manager, NVIDIA TX1 Boot ROM, Cisco Meeting Server, Cisco Firepower Management Center, Cisco 5000 Series Enterprise Network Compute System, Cisco UCS E-Series Servers, and Cisco AnyConnect Secure Mobility Client for Windows Desktop.
 
Successful exploitation of the most severe of these vulnerabilities could result in remote code execution in the context of the affected application. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.
 
THREAT INTELLIGENCE:
There are currently no reports of these vulnerabilities being exploited in the wild.
 
SYSTEMS AFFECTED:

  • UCS Manager Software
  • Cisco Nexus 4000 Series Switch
  • Cisco Nexus 3000 and 9000 Series Switch
  • UCS Fabric Interconnect Software
  • Cisco Firepower 4100 Series Next-Generation Firewall
  • Cisco Firepower 9300 Security Appliance
  • Cisco TelePresence Video Communication Server Expressway
  • Cisco Unified Communications Manager IM & Presence Service
  • Cisco Unified Communications Domain Manager
  • NVIDIA TX1 Boot ROM processors used in Cisco WebEx Room 55, Cisco WebEx Room 70 Single/Dual, Cisco WebEx Room Kit, Cisco WebEx Room Kit Plus, and RoomOS
  • Cisco Meeting Server
  • Cisco Firepower Management Center
  • Cisco 5000 Series Enterprise Network Compute System
  • Cisco UCS E-Series Servers
  • Cisco AnyConnect Secure Mobility Client for Windows Desktop
  • Cisco NX-OS running on the following products: Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 3600 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, and Nexus 9500 R-Series Line Cards and Fabric Modules
  • Cisco FXOS running on the following products: Firepower 4100 Series Next-Generation Firewalls, Firepower 9300 Security Appliance, MDS 9000 Series Multilayer Switches, Nexus 2000 Series Fabric Extenders, Nexus 3000 Series Switches, Nexus 3500 Platform Switches, Nexus 5500 Platform Switches, Nexus 5600 Platform Switches, Nexus 6000 Series Switches, Nexus 7000 Series Switches, Nexus 7700 Series Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules, UCS 6100 Series Fabric Interconnects, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects

 
RISK:
Government:

  • Large and medium government entities: HIGH
  • Small government entities: MEDIUM

Businesses:

  • Large and medium business entities: HIGH
  • Small business entities: MEDIUM

Home Users: LOW
 
RECOMMENDATIONS:
We recommend the following actions be taken:
 

  • Verify no unauthorized system modifications have occurred on the system before applying the patch.
  • Apply patches provided by Cisco immediately after appropriate testing.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.
