New year, new critical Cisco patches to install – this time for a dirty dozen of bugs that can be exploited to sidestep auth, inject commands, etc
2020-01-03 20:10

The immediate priority should be cleaning up CVE-2019-15975, CVE-2019-15976, and CVE-2019-15977, a trio of authentication bypass bugs that can be exploited remotely without authentication.

CVE-2019-15976 describes the same issue via the SOAP API, while CVE-2019-15977 describes static credentials that only allow access to "Certain confidential information," but that information could be used for other attacks.

An attacker can exploit the authentication bypass flaws for admin access, then use the path traversal bugs to get access to other devices and data.

CVE-2019-15984 and CVE-2019-15985 are SQL injection flaws inside the REST and SOAP APIs that would allow a remote baddie to send arbitrary SQL commands.

Information disclosure is also possible via CVE-2019-15983, which Cisco describes as an XML External Entity Read Access vulnerability - basically, the bad guy uses SOAP API commands to send XML that can then read arbitrary files.


News URL

https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/01/03/critical_cisco_patches/

Related Vulnerability

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-01-06 | CVE-2019-15976 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager | Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | network | low complexity | cisco | CWE-798 | critical 9.8 |
| 2020-01-06 | CVE-2019-15977 | Use of Hard-coded Credentials vulnerability in Cisco Data Center Network Manager | Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | network | low complexity | cisco | CWE-798 | 7.5 |
| 2020-01-06 | CVE-2019-15983 | XXE vulnerability in Cisco Data Center Network Manager | A vulnerability in the SOAP API of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. | network | low complexity | cisco | CWE-611 | 4.9 |
| 2020-01-06 | CVE-2019-15984 | SQL Injection vulnerability in Cisco Data Center Network Manager | Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. | network | low complexity | cisco | CWE-89 | 7.2 |
| 2020-01-06 | CVE-2019-15985 | SQL Injection vulnerability in Cisco Data Center Network Manager | Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. | network | low complexity | cisco | CWE-89 | 7.2 |

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751