Posts for: #16.12.2t

Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A denial of service vulnerability has been identified in Cisco IOS XE Software for Catalyst 9000 Series Switches. An unauthenticated, adjacent attacker can exploit this vulnerability by sending crafted Ethernet frames, causing an egress port to drop all outbound traffic. The highest CVSS score is 7.4 (High). Cisco has released fixed software, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability exists in the handling of certain Ethernet frames within Cisco IOS XE Software for Catalyst 9000 Series Switches. This flaw allows an unauthenticated, adjacent attacker to send crafted Ethernet frames, which can block an egress port, resulting in a denial of service (DoS) condition. Once exploited, the affected port will drop all outbound traffic, severely impacting network operations.

[]

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud. This flaw allows unauthenticated remote attackers to access the public-key infrastructure (PKI) server, potentially enabling unauthorized device enrollment. Workarounds are available, and Cisco has recommended software updates to fully mitigate the risk.

What happened 🕵️‍♂️

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud could allow an unauthenticated, remote attacker to access the PKI server running on affected devices. This issue arises due to incomplete cleanup after the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests, potentially allowing them to request a certificate and join an attacker-controlled device to the virtual wireless controller.

[]