Posts for: #12.2(6)I1

Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability

#12.2(6)I1  #12.2I  #15.0(1)EX  #15.0(2)EA  #15.0(2)EA1  #15.0(2)EJ  #15.0(2)EJ1  #15.0(2)EK  #15.0(2)EK1  #15.0(2)EX  #15.0(2)EX1  #15.0(2)EX10  #15.0(2)EX11  #15.0(2)EX12  #15.0(2)EX13  #15.0(2)EX2 
🚨 SEVERITY: MEDIUM — CVSS 6.5 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the CLI of Cisco IOS and IOS XE Software, allowing an authenticated local attacker to cause a denial of service (DoS) by exploiting a buffer overflow. No workarounds are available, and Cisco recommends upgrading to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the CLI of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This issue arises from a buffer overflow that can be exploited using crafted commands at the CLI prompt. While proof-of-concept exploit code is available, there have been no reports of malicious exploitation.

[]

Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability

#12.2(6)I1  #12.2I  #15.1(3)SVR1  #15.1(3)SVR10  #15.1(3)SVR2  #15.1(3)SVR3  #15.1(3)SVS  #15.1(3)SVS1  #15.1(3)SVT1  #15.1(3)SVT2  #15.1(3)SVT3  #15.1(3)SVT4  #15.1(3)SVU1  #15.1(3)SVU10  #15.1(3)SVU11  #15.1(3)SVU2 
🚨 SEVERITY: HIGH — CVSS 8.1 Security Advisory

TL;DR 📌

A vulnerability in Cisco IOS and IOS XE Software could allow unauthenticated remote attackers to bypass TACACS+ authentication or view sensitive data. The highest CVSS score is 8.1, classified as High severity. Cisco has released fixes and workarounds are available.

What happened 🕵️‍♂️

A vulnerability has been identified in the TACACS+ protocol implementation within Cisco IOS and IOS XE Software. This issue arises because the software does not properly verify if the required TACACS+ shared secret is configured. As a result, an attacker could exploit this vulnerability to intercept unencrypted TACACS+ messages or impersonate the TACACS+ server, potentially allowing unauthorized access to sensitive information or bypassing authentication altogether.

[]

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities

#12.2(6)I1  #12.2I  #15.0(2)EJ  #15.0(2)EJ1  #15.0(2)EK  #15.0(2)EK1  #15.0(2)EX  #15.0(2)EX1  #15.0(2)EX10  #15.0(2)EX11  #15.0(2)EX12  #15.0(2)EX13  #15.0(2)EX2  #15.0(2)EX3  #15.0(2)EX4  #15.0(2)EX5 
🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

Cisco has identified multiple high-severity vulnerabilities in the IKEv2 feature of Cisco IOS, IOS XE, Secure Firewall ASA, and Secure Firewall FTD software that could allow unauthenticated remote attackers to trigger denial of service (DoS) conditions. Software updates are available to address these vulnerabilities.

What happened 🕵️‍♂️

Cisco has released an advisory detailing several vulnerabilities in the Internet Key Exchange Version 2 (IKEv2) feature across various Cisco software platforms. These vulnerabilities can be exploited by unauthenticated remote attackers to cause devices to reload or trigger memory leaks, leading to a denial of service condition.

[]