Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability

#Cisco  #Cisco Digital Network Architecture Center (DNA Center) 
🚨 SEVERITY: HIGH — CVSS 8.8 Security Advisory

TL;DR 📌

A privilege escalation vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance, allowing authenticated attackers to elevate their privileges to Administrator. The highest CVSS score for this vulnerability is 8.8, categorized as High severity. No workarounds are available, but fixed software releases are provided.

What happened 🕵️‍♂️

A vulnerability in the Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate their privileges to Administrator on an affected system. This issue arises from insufficient validation of user-supplied input. An attacker with valid credentials for a user account with at least the Observer role could exploit this vulnerability by sending a crafted HTTP request, potentially allowing unauthorized modifications to the system.

[]

Cisco Catalyst Center REST API Command Injection Vulnerability

#Cisco  #Cisco Digital Network Architecture Center (DNA Center) 
🚨 SEVERITY: MEDIUM — CVSS 6.3 Security Advisory

TL;DR 📌

A command injection vulnerability has been identified in the Cisco Catalyst Center REST API, allowing authenticated attackers to execute arbitrary commands with root privileges. The highest CVSS score for this vulnerability is 6.3 (Medium). No workarounds are available, but fixed software is provided.

What happened 🕵️‍♂️

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This issue arises from insufficient validation of user-supplied input in REST API request parameters. An attacker must have valid credentials for a user account with at least the role of Observer to exploit this vulnerability.

[]

Cisco Catalyst Center Cross-Site Scripting Vulnerability

#Cisco  #Cisco Digital Network Architecture Center (DNA Center) 
🚨 SEVERITY: MEDIUM — CVSS 6.1 Security Advisory

TL;DR 📌

A cross-site scripting (XSS) vulnerability has been identified in the web-based management interface of Cisco Catalyst Center. This vulnerability could allow an unauthenticated remote attacker to execute arbitrary script code in the context of the affected interface. Cisco has released fixed software to address this issue, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the Cisco Catalyst Center’s web-based management interface allows an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. This is due to insufficient validation of user input, enabling an attacker to exploit the vulnerability by persuading a user to click a crafted link. A successful exploit could lead to the execution of arbitrary script code or access to sensitive browser-based information.

[]

Cisco Catalyst Center Privilege Escalation Vulnerability

#Cisco  #Cisco Digital Network Architecture Center (DNA Center) 
🚨 SEVERITY: MEDIUM — CVSS 4.3 Security Advisory

TL;DR 📌

A privilege escalation vulnerability has been identified in Cisco Catalyst Center, allowing authenticated users to perform actions requiring Administrator privileges. The highest CVSS score is 4.3 (Medium). Users are advised to upgrade to fixed software releases as there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in Cisco Catalyst Center could enable an authenticated, remote attacker to execute operations that should be restricted to Administrator privileges. This issue arises from improper role-based access control (RBAC). An attacker with valid read-only user credentials could exploit this vulnerability by logging in and modifying certain policy configurations reserved for the Administrator role.

[]

Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability

#Cisco  #Cisco Digital Network Architecture Center (DNA Center) 
🚨 SEVERITY: MEDIUM — CVSS 4.7 Security Advisory

TL;DR 📌

A medium-severity HTTP open redirect vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance. This flaw could allow unauthenticated attackers to redirect users to malicious web pages. Cisco has released fixed software versions, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of the Cisco Catalyst Center Virtual Appliance has been discovered. This issue arises from improper input validation of HTTP request parameters, enabling an unauthenticated remote attacker to intercept and modify HTTP requests. If exploited, this could redirect users to malicious web pages, posing a security risk.

[]

Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities

#Cisco  #Cisco Unified Contact Center Express 
🚨 SEVERITY: CRITICAL — CVSS 9.8 Security Advisory

TL;DR 📌

Multiple critical vulnerabilities have been identified in Cisco Unified Contact Center Express (Unified CCX) that could allow unauthenticated remote attackers to execute arbitrary commands and bypass authentication. Immediate action is required to mitigate these risks.

What happened 🕵️‍♂️

Cisco has disclosed multiple vulnerabilities in the Java Remote Method Invocation (RMI) process of Cisco Unified Contact Center Express. These vulnerabilities could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root. The vulnerabilities are not dependent on one another, meaning each can be exploited independently.

[]

Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities

#Cisco  #Cisco Identity Services Engine Software 
🚨 SEVERITY: MEDIUM — CVSS 5.4 Security Advisory

TL;DR 📌

Multiple vulnerabilities have been identified in the Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC). These vulnerabilities could allow an authenticated, remote attacker to disclose sensitive information or conduct reflected cross-site scripting (XSS) attacks. Cisco has released software updates to address these issues, but no workarounds are available.

What happened 🕵️‍♂️

Cisco has disclosed multiple vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). These vulnerabilities stem from insufficient validation of user-supplied input and improper data protection mechanisms in the web-based management interface. Attackers with authenticated access could exploit these vulnerabilities to execute arbitrary scripts or access sensitive information.

[]

Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability

#Cisco  #Cisco Identity Services Engine Software 
🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

A vulnerability in Cisco Identity Services Engine (ISE) could allow unauthenticated attackers to cause a denial of service (DoS) by exploiting a logic error in RADIUS request processing. Affected versions include 3.4.0 and its patches. Cisco recommends upgrading to fixed software or disabling a specific setting as a workaround.

What happened 🕵️‍♂️

A vulnerability has been identified in the RADIUS setting “Reject RADIUS requests from clients with repeated failures” in Cisco Identity Services Engine (ISE). This flaw allows an unauthenticated remote attacker to send crafted RADIUS access requests that can cause Cisco ISE to restart unexpectedly, leading to a denial of service (DoS) condition.

[]

Multiple Cisco Contact Center Products Vulnerabilities

#Cisco  #Cisco Packaged Contact Center Enterprise  #Cisco Unified Contact Center Enterprise  #Cisco Unified Contact Center Express 
🚨 SEVERITY: MEDIUM — CVSS 6.5 Security Advisory

TL;DR 📌

Multiple vulnerabilities have been identified in Cisco Contact Center products, allowing authenticated attackers to potentially disclose sensitive information, execute arbitrary commands, and elevate privileges. The highest CVSS score is 6.5, indicating a medium risk. Users are advised to upgrade to fixed software releases as there are no available workarounds.

What happened 🕵️‍♂️

Cisco has disclosed multiple vulnerabilities affecting its Contact Center products, including Cisco Unified Contact Center Express (Unified CCX), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC). These vulnerabilities can be exploited by authenticated remote attackers to disclose sensitive information, upload and execute arbitrary files, and elevate privileges to root. Successful exploitation requires valid user credentials.

[]

Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability

#Cisco  #Cisco BroadWorks 
🚨 SEVERITY: MEDIUM — CVSS 4.8 Security Advisory

TL;DR 📌

A cross-site scripting (XSS) vulnerability has been identified in the Cisco BroadWorks CommPilot Application Software, which could allow an authenticated attacker to execute arbitrary scripts. The highest CVSS score is 4.8, categorized as Medium severity. No workarounds are available, and users are advised to upgrade to fixed software versions.

What happened 🕵️‍♂️

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software has been discovered. This flaw allows an authenticated remote attacker to conduct cross-site scripting (XSS) attacks by injecting malicious code into specific pages of the interface. Successful exploitation could enable the attacker to execute arbitrary script code or access sensitive browser-based information. To exploit this vulnerability, the attacker must possess valid administrative credentials.

[]