Cisco security updates nix high-impact DoS and privilege escalation bugs

News by Bradley Barth

Cisco Systems on Wednesday issued 26 security updates to fix an array of vulnerabilities, including high-impact bugs in its Unified Customer Voice Portal (CVP), its NX-OS Software, and its Email Security Appliance (ESA).

Also in:

Cisco Systems on Wednesday issued 26 security updates to fix an array of vulnerabilities, including high-impact bugs in its Unified Customer Voice Portal (CVP), its NX-OS Software, and its Email Security Appliance (ESA) and Content Security Management Appliance (SMA).

A voice-enabled self-service platform, Cisco's CVP product contains a vulnerability, CVE-2018-0086, that can cause a denial of service condition (DoS) resulting from malformed SIP INVITE traffic received during communications with the Cisco Virtualised Voice Browser (VVB). Version 11.6(1) remedies the issue, according to a Cisco advisory

NX-OS, a network operating system for switches, was also found to contain a DoS flaw. The bug, designated CVE-2018-0102, residents within the Pong tool, and can allow unauthenticated, adjacent attackers to trigger a denial of service (DoS) condition by causing reloads of an affected device. The vulnerability affects Cisco Nexus 7000 and 7700 Series Switches when running versions 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) of the software, but only when the Pong and FabricPath features are enabled, and the FabricPath port is actively monitored via a SPAN session. The problem is fixed with version 7.3(0)D1(1) of the software.

“The vulnerability exists because the affected software attempts to free the same area of memory twice,” a Cisco advisory explains. “An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload.”

Finally, the bug found in the ESA and SMA products, CVE-2018-0095, is a privilege escalation vulnerability caused by an erroneous networking configuration in the administrative shell command-line interface. If exploited, the bug could help authenticated attackers gain root access on affected devices. All versions of the appliances that were distributed prior to the most recent update are affected, Cisco warns.

Topics:
Security

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events