TL;DR 📌

A medium-severity vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to bypass access control lists (ACLs) on the management interface for SSH, NetConf, and gRPC features. Users are advised to upgrade to fixed software releases or implement workarounds.

What happened 🕵️‍♂️

A vulnerability was identified in the management interface ACL processing feature of Cisco IOS XR Software. This flaw allows unauthenticated remote attackers to bypass configured ACLs, potentially leading to unauthorized access to management features like SSH, NetConf, and gRPC. The issue arises because management interface ACLs are not enforced on certain Linux-handled features within the Packet I/O infrastructure.

TL;DR 📌

A medium-severity vulnerability has been identified in the Cisco Evolved Programmable Network Manager (EPNM) that allows authenticated attackers to upload arbitrary files. There are no workarounds available, and affected users should migrate to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco EPNM could allow an authenticated, remote attacker to upload arbitrary files. This issue arises from improper validation of uploaded files, enabling an attacker with valid Config Managers credentials to exploit the vulnerability by sending a crafted file upload request to a specific API endpoint.

TL;DR 📌

A medium-severity information disclosure vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This flaw allows authenticated, low-privileged users to access sensitive configuration information. Software updates are available to mitigate this risk, but there are no workarounds.

What happened 🕵️‍♂️

A vulnerability exists in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure. This issue arises from improper validation of requests to API endpoints. An authenticated attacker with low privileges could exploit this vulnerability to view sensitive configuration information that should be restricted.

TL;DR 📌

A stored cross-site scripting (XSS) vulnerability has been identified in Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure. This vulnerability allows an authenticated attacker to execute arbitrary scripts in the context of the affected interface. Users are advised to upgrade to fixed software versions as there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack. This occurs because the interface fails to properly validate user-supplied input. An attacker with valid administrative credentials could exploit this vulnerability by inserting malicious code into specific data fields, potentially executing arbitrary script code or accessing sensitive browser-based information.

TL;DR 📌

A cross-site scripting (XSS) vulnerability has been identified in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service. This flaw could allow an unauthenticated remote attacker to execute arbitrary script code, potentially compromising sensitive information. Cisco has released fixed software versions, and there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) was discovered. This vulnerability arises from improper validation of user-supplied input, enabling an attacker to conduct a cross-site scripting (XSS) attack. By persuading a user to click on a malicious link, an attacker could execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.

TL;DR 📌

A medium-severity vulnerability in Cisco Webex Meetings could allow an unauthenticated attacker to redirect users to untrusted websites. Cisco has addressed this issue, and no action is required from users.

What happened 🕵️‍♂️

A vulnerability in Cisco Webex Meetings was discovered, which could allow an unauthenticated, remote attacker to redirect a targeted user to an untrusted website. This issue arose due to insufficient validation of URLs included in meeting-join links. If exploited, this could facilitate phishing attacks by misleading users into believing they were interacting with a trusted Webex environment.

TL;DR 📌

A medium-severity cross-site scripting (XSS) vulnerability has been identified in Cisco Webex Meetings, allowing authenticated attackers to exploit the user profile component. Cisco has addressed this issue, and no user action is required.

What happened 🕵️‍♂️

A vulnerability in the user profile component of Cisco Webex Meetings could have allowed an authenticated, remote attacker with low privileges to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. This vulnerability arose due to insufficient validation of user-supplied input. An attacker could exploit this by persuading a user to click a crafted link, potentially leading to an XSS attack.

TL;DR 📌

A medium-severity Cross-Site Request Forgery (CSRF) vulnerability has been identified in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). An unauthenticated attacker could exploit this vulnerability by tricking a user into clicking a malicious link, potentially allowing the attacker to perform actions with the user’s privileges. There are no workarounds available, and affected users should upgrade to fixed software versions.

TL;DR 📌

A medium-severity path traversal vulnerability has been identified in Cisco Nexus Dashboard, allowing authenticated remote attackers to gain root privileges. No workarounds are available, and users are advised to upgrade to fixed software releases.

What happened 🕵️‍♂️

A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack. This issue arises from insufficient validation of backup file contents. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file, potentially gaining root privileges on the affected device.

TL;DR 📌

Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller have vulnerabilities in their REST API that could allow low-privileged authenticated attackers to access sensitive information or modify files. The highest CVSS score is 5.4 (Medium severity). No workarounds are available, and updates are necessary to mitigate the risks.

What happened 🕵️‍♂️

Multiple vulnerabilities have been identified in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC). These vulnerabilities arise from missing authorization controls, enabling low-privileged authenticated attackers to potentially view sensitive information or perform limited administrative functions, such as uploading images or accessing configuration details. Exploitation requires sending crafted API requests to affected endpoints.