Cisco Patches Switch, Security Holes

Friday, February 5, 2016 @ 02:02 PM gHale

Cisco released software updates for switches and security products.

One of the vulnerabilities is an access control issue affecting the Cisco Application Policy Infrastructure Controller (APIC), a management product that is part of Cisco Application Centric Infrastructure (ACI).

The security hole is the result of a logic issue in the role-based access control (RBAC) processing code and it allows an authenticated attacker to make configuration changes.

The flaw affects Cisco APIC running software versions prior to 1.0(3h) and 1.1(1j), and Cisco Nexus 9000 Series ACI Mode switches running software versions prior to 11.0(3h) and 11.1(1j).

Cisco also said Nexus 9000 switches, which are also a component of ACI, suffer from a denial-of-service (DoS) issue that a remote, unauthenticated attacker can trigger using a specially crafted ICMP packet. Cisco Nexus 9000 Series ACI Mode switches running software versions prior to 11.0(1c) suffer from the vulnerability.

Cisco ASA-CX and Cisco Prime Security Manager (PRSM) products are also affected by a high-severity vulnerability. The issue allows a remote, authenticated attacker to change the password of any user, including administrators.

Cisco said the flaw can be exploited by an attacker who does not have administrator privileges using a specially crafted HTTP request.

Cisco ASA-CX Context-Aware Security and Cisco PRSM prior to suffer from the issue.

Cisco found the vulnerabilities, and the company said it is not aware of any ongoing attacks.