ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Cisco Security Vulnerability Thread.

    Scheduled Pinned Locked Moved News
    ciscosecurity
    91 Posts 14 Posters 14.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • nadnerBN
      nadnerB
      last edited by

      https://arstechnica.com/information-technology/2018/11/bluetooth-bugs-bite-millions-of-wi-fi-aps-from-cisco-meraki-and-aruba/

      Wi-Fi access points sold by Cisco, Meraki, and Aruba have two critical vulnerabilities being patched that could allow hackers to run malware inside the sensitive networks that use the gear. While the flaws open corporate networks to some scary attacks, the real-world likelihood of them being exploited is debatable.

      1 Reply Last reply Reply Quote 1
      • travisdh1T
        travisdh1
        last edited by

        3 new vulnerabilities this morning.

        Remote code execution
        Cisco Stealthwatch Management Console Authentication Bypass Vulnerability
        https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-smc-auth-bypass

        2nd remote code execution.
        Cisco Unity Express Arbitrary Command Execution Vulnerability
        https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-cue

        And a Meraki local privilege escalation for good measure.
        Cisco Meraki Local Status Page Privilege Escalation Vulnerability
        https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-meraki

        scottalanmillerS 1 Reply Last reply Reply Quote 1
        • scottalanmillerS
          scottalanmiller @travisdh1
          last edited by

          @travisdh1 wow, that's out of control.

          1 Reply Last reply Reply Quote 0
          • travisdh1T
            travisdh1
            last edited by

            They made it more than a month! It must be a record.

            Web based privilege escalation on ASA boxes.
            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181219-asa-privesc

            1 Reply Last reply Reply Quote 0
            • travisdh1T
              travisdh1
              last edited by

              Two Cisco ESA (Email Security Gateway) DDOS vulnerabilities today:
              https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos
              https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos

              dafyreD 1 Reply Last reply Reply Quote 0
              • black3dynamiteB
                black3dynamite
                last edited by

                @travisdh1 Is your hatred towards Ubuntu the same with Cisco? The fact that you created a thread just for it makes me think so.

                travisdh1T dbeatoD 2 Replies Last reply Reply Quote 0
                • travisdh1T
                  travisdh1 @black3dynamite
                  last edited by

                  @black3dynamite said in Cisco Security Vulnerability Thread.:

                  @travisdh1 Is your hatred towards Ubuntu the same with Cisco? The fact that you created a thread just for it makes me think so.

                  I created this thread because of all the people that were claiming that Cisco does not have security issues, when we know that assertion is not true. It's really more about documenting what we already know than an active "I don't like Cisco".

                  That said, it is true, I don't like Cisco. If they made products that were priced right and not an active security breach waiting to happen.

                  1 Reply Last reply Reply Quote 2
                  • dbeatoD
                    dbeato @black3dynamite
                    last edited by

                    @black3dynamite said in Cisco Security Vulnerability Thread.:

                    @travisdh1 Is your hatred towards Ubuntu the same with Cisco? The fact that you created a thread just for it makes me think so.

                    Lol, I wouldn't classify it as much but a lot of people do hate Ubuntu/Debian... unwarranted in my opinion but hey what can I say, I am biased 🙂

                    JaredBuschJ 1 Reply Last reply Reply Quote 0
                    • JaredBuschJ
                      JaredBusch @dbeato
                      last edited by

                      @dbeato said in Cisco Security Vulnerability Thread.:

                      @black3dynamite said in Cisco Security Vulnerability Thread.:

                      @travisdh1 Is your hatred towards Ubuntu the same with Cisco? The fact that you created a thread just for it makes me think so.

                      Lol, I wouldn't classify it as much but a lot of people do hate Ubuntu/Debian... unwarranted in my opinion but hey what can I say, I am biased 🙂

                      I hate Ubuntu, but Debian is fine.

                      dbeatoD 1 Reply Last reply Reply Quote 1
                      • dbeatoD
                        dbeato @JaredBusch
                        last edited by

                        @JaredBusch said in Cisco Security Vulnerability Thread.:

                        @dbeato said in Cisco Security Vulnerability Thread.:

                        @black3dynamite said in Cisco Security Vulnerability Thread.:

                        @travisdh1 Is your hatred towards Ubuntu the same with Cisco? The fact that you created a thread just for it makes me think so.

                        Lol, I wouldn't classify it as much but a lot of people do hate Ubuntu/Debian... unwarranted in my opinion but hey what can I say, I am biased 🙂

                        I hate Ubuntu, but Debian is fine.

                        Point taken.

                        1 Reply Last reply Reply Quote 0
                        • dafyreD
                          dafyre @travisdh1
                          last edited by

                          @travisdh1 said in Cisco Security Vulnerability Thread.:

                          Two Cisco ESA (Email Security Gateway) DDOS vulnerabilities today:
                          https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos
                          https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos

                          At least these weren't hard coded passwords!

                          travisdh1T 1 Reply Last reply Reply Quote 1
                          • travisdh1T
                            travisdh1 @dafyre
                            last edited by

                            @dafyre said in Cisco Security Vulnerability Thread.:

                            @travisdh1 said in Cisco Security Vulnerability Thread.:

                            Two Cisco ESA (Email Security Gateway) DDOS vulnerabilities today:
                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos
                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos

                            At least these weren't hard coded passwords!

                            That we know of!

                            1 Reply Last reply Reply Quote 0
                            • travisdh1T
                              travisdh1
                              last edited by

                              Only 23 vulnerabilities announced yesterday. I don't have the time to weed through them all!

                              https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

                              travisdh1T 1 Reply Last reply Reply Quote 2
                              • travisdh1T
                                travisdh1 @travisdh1
                                last edited by

                                @travisdh1 said in Cisco Security Vulnerability Thread.:

                                Only 23 vulnerabilities announced yesterday. I don't have the time to weed through them all!

                                https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

                                Turns out, one is significantly worse than the unpublicized admin credentials. Their SBS line has the default admin and password account active until you create another admin account. Published admin credentials. FFS Cisco.

                                1 Reply Last reply Reply Quote 1
                                • travisdh1T
                                  travisdh1
                                  last edited by

                                  Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                  dafyreD 1 Reply Last reply Reply Quote 1
                                  • dafyreD
                                    dafyre @travisdh1
                                    last edited by dafyre

                                    @travisdh1 said in Cisco Security Vulnerability Thread.:

                                    Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                    https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                    This one seems like an actual bug, and not a hard coded password.

                                    From what I read, the TL;DR version is that when you change your web interface password, it doesn't change your CLI password.

                                    travisdh1T 1 Reply Last reply Reply Quote 0
                                    • travisdh1T
                                      travisdh1 @dafyre
                                      last edited by

                                      @dafyre said in Cisco Security Vulnerability Thread.:

                                      @travisdh1 said in Cisco Security Vulnerability Thread.:

                                      Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                      This one seems like an actual bug, and not a hard coded password.

                                      From what I read, the TL;DR version is that when you change your web interface password, it doesn't change your CLI password.

                                      I didn't get a chance to do more than glance at this one. That's actually worse. How do you screw up a credential system that bad?

                                      dafyreD scottalanmillerS 2 Replies Last reply Reply Quote 1
                                      • dafyreD
                                        dafyre @travisdh1
                                        last edited by dafyre

                                        @travisdh1 said in Cisco Security Vulnerability Thread.:

                                        @dafyre said in Cisco Security Vulnerability Thread.:

                                        @travisdh1 said in Cisco Security Vulnerability Thread.:

                                        Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                        https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                        This one seems like an actual bug, and not a hard coded password.

                                        From what I read, the TL;DR version is that when you change your web interface password, it doesn't change your CLI password.

                                        I didn't get a chance to do more than glance at this one. That's actually worse. How do you screw up a credential system that bad?

                                        Agreed. My thinking when I originally replied was, "Well, at least this isn't a hard coded backdoor password" lol.

                                        But I think you're right, it is worse in some ways.

                                        DashrenderD 1 Reply Last reply Reply Quote 0
                                        • DashrenderD
                                          Dashrender @dafyre
                                          last edited by

                                          @dafyre said in Cisco Security Vulnerability Thread.:

                                          @travisdh1 said in Cisco Security Vulnerability Thread.:

                                          @dafyre said in Cisco Security Vulnerability Thread.:

                                          @travisdh1 said in Cisco Security Vulnerability Thread.:

                                          Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                          https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                          This one seems like an actual bug, and not a hard coded password.

                                          From what I read, the TL;DR version is that when you change your web interface password, it doesn't change your CLI password.

                                          I didn't get a chance to do more than glance at this one. That's actually worse. How do you screw up a credential system that bad?

                                          Agreed. My thinking when I originally replied was, "Well, at least this isn't a hard coded backdoor password" lol.

                                          But I think you're right, it is worse in some ways.

                                          I don't follow - this is a bug - we're human, we make mistakes.

                                          A hard coded password is not a mistake, it's a decision.

                                          Unless I'm missing something, a hard coded password is much worse.

                                          1 Reply Last reply Reply Quote 1
                                          • scottalanmillerS
                                            scottalanmiller @travisdh1
                                            last edited by

                                            @travisdh1 said in Cisco Security Vulnerability Thread.:

                                            @dafyre said in Cisco Security Vulnerability Thread.:

                                            @travisdh1 said in Cisco Security Vulnerability Thread.:

                                            Cisco Network Assurance Engine CLI default user/password. At this point, I'm assuming anything Cisco has an unpublished admin user/password somewhere!

                                            https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190212-nae-dos

                                            This one seems like an actual bug, and not a hard coded password.

                                            From what I read, the TL;DR version is that when you change your web interface password, it doesn't change your CLI password.

                                            I didn't get a chance to do more than glance at this one. That's actually worse. How do you screw up a credential system that bad?

                                            This is actually a very common design. Nearly all systems are this way. One password is to the system, one is to the application on the system. Totally normal.

                                            travisdh1T 1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 2 / 5
                                            • First post
                                              Last post