Once again, Cisco has addressed multiple security vulnerabilities affecting different Cisco products. As disclosed via separate advisories, Cisco patches multiple critical security flaws that could allow an attacker to remotely attack a system, execute arbitrary commands, or bypass user authentication.
Cisco Patches Multiple Critical Vulnerabilities
Reportedly, Cisco has patched numerous security vulnerabilities affecting a range of products this week. While most of these vulnerabilities had a medium severity rating, three of them turned out to have a critical impact such as remote code execution attacks. Here we give a quick overview of them.
Cisco Unity Express Vulnerability
The first critical security flaw that received a patch this week includes an arbitrary code execution vulnerability affecting the Cisco Unity Express (CUE). The flaw could allow arbitrary code execution by a remote attacker with root user privileges. While describing the vulnerability in their advisory, Cisco stated,
“The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to the listening Java Remote Method Invocation (RMI) service. A successful exploit could allow the attacker to execute arbitrary commands on the device with root privileges.”
This vulnerability (CVE-2018-15381) affected all CUE releases before the patched version 9.0.6. Hence, users should update their software to the recently released 9.0.6 to mitigate the flaw.
Authentication Bypass In Cisco Stealthwatch Management Console
The other critical flaw fixed by Cisco is an authentication bypass vulnerability affecting the Cisco Stealthwatch Management Console (SMC). This vulnerability also allowed an unauthenticated attacker to execute arbitrary commands on the target system. The Cisco advisory’s description for the flaw reads,
“The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC.”
This critical flaw (CVE-2018-15394) affected SMC release 6.10.2 and earlier. Users can protect themselves from the bug by upgrading to the patched release 6.10.3.
Critical Vulnerability Awaiting Cisco Patches
Another critical flaw has affected Cisco Small Business Switches. Exploiting this vulnerability can allow an attacker to execute remote attacks after bypassing user authentication. As disclosed in Cisco’s advisory,
“The vulnerability exists because, under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights.”
Cisco Small Business Switches are mostly used within small office’s network setups. The bug disclosed here mainly exists in the default user account required for initial login.
This privilege access vulnerability (CVE-2018-15439) has attained a critical severity rating with a CVSS score of 9.8. Presently, Cisco has not released a patch yet for the flaw. Nonetheless, they recommend a workaround for users to employ until a fix becomes available.
“The workaround consists of adding at least one user account with access privilege set to level 15 in the device configuration… By adding this user account, the default privileged account will be disabled.”
Take your time to comment on this article.