Cisco Patches Vulnerabilities

Tuesday, January 19, 2016 @ 10:01 AM gHale

Cisco fixed critical and high severity vulnerabilities in its networking and security products.

One of the critical flaws that came in with a CVSS score of 10 is an unauthorized access issue affecting Cisco standalone and modular controllers running Wireless LAN Controller (WLC) software versions and later, 8.0 and later, and 8.1 and later.

Cisco Working to Fix Deserialization Holes
Juniper Changes ScreenOS Firewalls
Firewall Backdoors Still Not Patched
Juniper Finds, Patches Own Bugs

A remote, unauthenticated attacker could end up taking advantage of this vulnerability to modify a device’s configuration, Cisco said. That could end up leading to a completely compromised device.

Another critical unauthorized access vulnerability was in the admin portal of devices running Cisco Identity Services Engine (ISE), a policy management platform designed for automating and enforcing security access to network resources.

A remote, unauthenticated attacker who can connect to the admin portal can exploit the weakness to gain access and take control of a device. Devices running Cisco ISE 1.1 or later, 1.2.0 prior to patch 17, 1.2.1 prior to patch 8, 1.3 prior to patch 5, and 1.4 prior to patch 4 suffered from the issue.

ISE also suffers from a medium severity unauthorized access flaw that allows a remote, authenticated attacker to gain access to web resources that should only be accessible to administrative users.

Other advisories also point out high severity vulnerabilities affecting Aironet 1800 Series Access Point devices. One of the issues comes from the existence of static credentials an attacker can leverage via a remote, unauthenticated attacker to log in to vulnerable devices. Cisco said the exposed account does not have full admin privileges by default.

The second high severity bug in Aironet 1800 devices can end up abused remotely by an unauthenticated attacker to cause a denial-of-service (DoS) condition on the device by sending it a specially crafted IP packet.

All of these flaws ended up discovered during internal security and quality assurance testing. Cisco said it not aware of any instances in which these vulnerabilities suffered from any outside exploitation.

Since there are no workarounds for any of the security holes, users should install the available updates as soon as possible.

Click here to view the Cisco advisories.