Network Security, Patch/Configuration Management, Vulnerability Management

Cisco security updates nix high-impact DoS and privilege escalation bugs

Cisco Systems on Wednesday issued 26 security updates to fix an array of vulnerabilities, including high-impact bugs in its Unified Customer Voice Portal (CVP), its NX-OS Software, and its Email Security Appliance (ESA) and Content Security Management Appliance (SMA).

A voice-enabled self-service platform, Cisco's CVP product contains a vulnerability, CVE-2018-0086, that can cause a denial of service condition (DoS) resulting from malformed SIP INVITE traffic received during communications with the Cisco Virtualized Voice Browser (VVB). Version 11.6(1) remedies the issue, according to a Cisco advisory

NX-OS, a network operating system for switches, was also found to contain a DoS flaw. The bug, designated CVE-2018-0102, residents within the Pong tool, and can allow unauthenticated, adjacent attackers to trigger a denial of service (DoS) condition by causing reloads of an affected device. The vulnerability affects Cisco Nexus 7000 and 7700 Series Switches when running versions 7.2(1)D(1), 7.2(2)D1(1), or 7.2(2)D1(2) of the software, but only when the Pong and FabricPath features are enabled, and the FabricPath port is actively monitored via a SPAN session. The problem is fixed with version 7.3(0)D1(1) of the software.

“The vulnerability exists because the affected software attempts to free the same area of memory twice,” a Cisco advisory explains. “An attacker could exploit this vulnerability by sending a pong request to an affected device from a location on the network that causes the pong reply packet to egress both a FabricPath port and a non-FabricPath port. An exploit could allow the attacker to cause a dual or quad supervisor virtual port-channel (vPC) to reload.”

Finally, the bug found in the ESA and SMA products, CVE-2018-0095, is a privilege escalation vulnerability caused by an erroneous networking configuration in the administrative shell command-line interface. If exploited, the bug could help authenticated attackers gain root access on affected devices. All versions of the appliances that were distributed prior to the most recent update are affected, Cisco warns.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.
Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Related

Novel BellaCiao malware variant launched by Charming Kitten

Attacks with an updated C++ variant of the BellaCiao dropper malware dubbed "BellaCPP" have been deployed by Iranian state-backed threat operation Charming Kitten — also known as APT35, CharmingCypress, CALANQUE, Mind Sandstorm, TA453, Newscaster, and Yellow Garuda — to facilitate further payload delivery, according to The Hacker News.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

ACK PiggybackingAddress Resolution Protocol (ARP)Border Gateway Protocol (BGP)Cache PoisoningCellCollisionCrossover CableDistance VectorDomain Name System (DNS)Dynamic Routing Protocol

You can skip this ad in 5 seconds