Cisco Family April 2024 1st Security Update Advisory

Overview

Cisco (https://www.cisco.com) has released security updates that fix vulnerabilities in several of its products. Users of affected systems are advised to update to a fixed release.


Affected Products


Cisco Data Center Network Manager

Cisco Enterprise Chat and Email

Cisco IOS XE Software

Cisco Identity Services Engine Software

Cisco Nexus Dashboard

Cisco Nexus Dashboard Insights

Cisco Nexus Dashboard Orchestrator

Cisco Small Business RV Series Router Firmware

Cisco TelePresence Management Suite (TMS)

Cisco Unified Communications Manager IM and Presence Service


Resolved Vulnerabilities


Vulnerability in the Plug and Play (PnP) feature of Cisco Data Center Network Manager (now Cisco Nexus Dashboard Fabric Controller, NDFC) that could allow an unauthenticated, remote attacker to read sensitive files in the PnP container. The cause is a provisioning web server that accepts requests without authentication; the files obtained this way could facilitate further attacks against the PnP infrastructure (CVE-2024-20348, CVSS 7.5) [1]
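
The entry above names the two ingredients of the issue: a provisioning endpoint reachable without authentication, and file access that is not confined to the directory the endpoint is meant to serve. The following is an added example, not Cisco's code and not the PnP service itself; the provisioning root, the token store and the request handler are assumptions made to show the unsafe path handling beside a hardened version.

```python
import os
import secrets
from typing import Optional, Tuple

# Constructed directory that the provisioning endpoint is allowed to serve from.
# The real layout of the PnP container is not described on the page; this path
# and the token store below are assumptions for the example.
PROVISION_ROOT = "/srv/pnp/public"
VALID_DEVICE_TOKENS = {"device-token-1"}


def insecure_resolve(requested: str) -> str:
    """Vulnerable pattern: the client-supplied path is joined onto the root as-is.

    os.path.join does not normalise '..' segments, and it discards the root
    entirely when `requested` is absolute, so any readable file is reachable.
    """
    return os.path.join(PROVISION_ROOT, requested)


def secure_resolve(requested: str) -> Optional[str]:
    """Hardened pattern: reject absolute paths and NUL bytes, canonicalise, and
    require the canonical result to remain inside the canonical root.
    commonpath (not startswith) is used so '/srv/pnp/publicX' is not accepted."""
    if os.path.isabs(requested) or "\x00" in requested:
        return None
    root = os.path.realpath(PROVISION_ROOT)
    candidate = os.path.realpath(os.path.join(root, requested))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


def handle_provisioning_request(path: str, token: Optional[str]) -> Tuple[int, str]:
    """Hardened endpoint: authenticate the caller first, then resolve the path safely.

    Returns an (HTTP status, detail) pair instead of file contents so the example
    runs without touching the filesystem. Token comparison is constant-time.
    """
    if token is None or not any(
        secrets.compare_digest(token.encode(), t.encode()) for t in VALID_DEVICE_TOKENS
    ):
        return 401, "authentication required"
    resolved = secure_resolve(path)
    if resolved is None:
        return 403, "path outside provisioning root"
    return 200, resolved


if __name__ == "__main__":
    for p in ("configs/device1.cfg", "../../../etc/passwd", "/etc/passwd"):
        print(f"{p!r:32} insecure -> {insecure_resolve(p)}")
        print(f"{'':32} secure   -> {secure_resolve(p)}")
    print(handle_provisioning_request("../../../etc/passwd", "device-token-1"))
```

Two details matter in practice: the canonicalisation must happen after joining (so symlinks inside the root that point outside it are caught), and the authentication check must run before any path work, since an unauthenticated endpoint turns every traversal bug into a remote file read.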

Vulnerability in the web-based management interface of Cisco Nexus Dashboard and the services hosted on it (Cisco Data Center Network Manager, Cisco Nexus Dashboard Insights and Cisco Nexus Dashboard Orchestrator) due to insufficient cross-site request forgery (CSRF) protection. An attacker who persuades an authenticated user to open a crafted link could perform arbitrary actions in the interface with that user's privileges (CVE-2024-20281, CVSS 7.5) [2]

Vulnerability in the web-based management interface of Cisco Identity Services Engine Software due to insufficient CSRF protection, which could allow an attacker to perform arbitrary actions on the affected device with the privileges of the targeted user (CVE-2024-20368, CVSS 6.5) [3]
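
Both CSRF entries above ([2] and [3]) describe the same failure: a state-changing request in a management interface is authorised by the session cookie alone, which the browser attaches to cross-site form submissions as readily as to the interface's own. The following is an added example, not Cisco's code and not the Nexus Dashboard or ISE interface; the in-memory session store, the trusted origin and the password-change handler are assumptions chosen to put the weak pattern beside a hardened one.

```python
import hmac
import secrets
from typing import Dict
from urllib.parse import urlsplit

# Constructed in-memory session store: session id -> session state.
SESSIONS: Dict[str, Dict[str, str]] = {}
# Origin of the management interface itself. Assumed value for the example.
TRUSTED_ORIGIN = "https://nd.example.internal"


def login(user: str) -> str:
    """Creates a session and binds a fresh, unguessable CSRF token to it.
    The token is stored server-side and handed to the UI in page markup,
    never in a cookie, so a cross-site page cannot obtain it."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return sid


def csrf_token_for(sid: str) -> str:
    """What the legitimate UI embeds in its forms (hidden field or request header)."""
    return SESSIONS[sid]["csrf"]


def origin_of(url: str) -> str:
    """Reduces an Origin/Referer value to scheme://host[:port]; '' if unparsable."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return ""
    return f"{parts.scheme}://{parts.netloc}"


def vulnerable_change_password(cookies: Dict[str, str], form: Dict[str, str]) -> int:
    """Insufficient CSRF protection: a state-changing POST is authorised by the
    session cookie alone. Browsers attach cookies to cross-site form submissions,
    so an attacker-controlled page can submit this form with the victim's session."""
    session = SESSIONS.get(cookies.get("sid", ""))
    if session is None:
        return 401
    session["password"] = form.get("new_password", "")
    return 200


def hardened_change_password(cookies: Dict[str, str], headers: Dict[str, str],
                             form: Dict[str, str]) -> int:
    """Synchronizer token plus Origin check, both failing closed.

    A request with no Origin and no Referer is rejected rather than waved through,
    and the token comparison is constant-time."""
    session = SESSIONS.get(cookies.get("sid", ""))
    if session is None:
        return 401
    source = headers.get("Origin") or headers.get("Referer", "")
    if origin_of(source) != TRUSTED_ORIGIN:
        return 403
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), session["csrf"].encode()):
        return 403
    session["password"] = form.get("new_password", "")
    return 200


if __name__ == "__main__":
    victim = login("admin")
    # Attacker page auto-submits a form: the browser adds the cookie, not the token.
    forged = {"new_password": "attacker-chosen", "csrf_token": "guess"}
    print("vulnerable:", vulnerable_change_password({"sid": victim}, forged))
    print("hardened:  ", hardened_change_password({"sid": victim},
                                                  {"Origin": "https://attacker.example"}, forged))
```

The per-session token is the primary control; the Origin/Referer comparison is defence in depth and may need relaxing for clients that strip Referer. Marking the session cookie SameSite=Lax or Strict adds a third, browser-enforced layer, and none of this applies to API clients that authenticate with a bearer token in an Authorization header, which browsers never attach automatically.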

Vulnerability in the web-based management interface of Cisco Small Business RV Series Router Firmware due to insufficient validation of user-supplied input, which could allow an attacker to execute arbitrary script code in the browser of a targeted user (cross-site scripting, XSS) (CVE-2024-20362, CVSS 6.1) [4]

Vulnerability in the web-based management interface of Cisco Unified Communications Manager IM and Presence Service and Cisco IOS XE Software due to insufficient validation of user-supplied input, which could allow an attacker to execute arbitrary script code in the browser of a targeted user (XSS) (CVE-2024-20310, CVSS 6.1) [5]

Vulnerability in Cisco Nexus Dashboard due to insufficient protection of a sensitive access token, which could allow an authenticated, local attacker to use that token to gain root access to the file system or to the containers hosted on an affected device (privilege escalation) (CVE-2024-20282, CVSS 6.0) [6]

Vulnerability in Cisco TelePresence Management Suite (TMS) due to insufficient validation of user-supplied input, which could allow an attacker to execute arbitrary script code in the browser of a targeted user (XSS) (CVE-2024-20334, CVSS 5.5) [7]

Vulnerability in Cisco Identity Services Engine Software due to insufficient validation of user-supplied input, which could allow an authenticated attacker to make the affected device send arbitrary network requests on the attacker's behalf (server-side request forgery, SSRF) (CVE-2024-20332, CVSS 5.5) [8]
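
The SSRF entry above turns on one missing check: a destination supplied by the user is handed to the device's HTTP client without confirming that it is somewhere the device is meant to reach. The following is an added example, not Cisco's code and not the ISE feature in question; the scheme and host allowlist, and the stand-in resolver that lets it run offline, are assumptions for the example. It goes slightly beyond the entry by also pinning the checked address, which closes the DNS-rebinding gap between validation and connection.

```python
import ipaddress
from typing import Callable, Iterable, Optional, Tuple
from urllib.parse import urlsplit

# Assumed policy for the example: only HTTPS, and only to hosts the device is
# expected to contact. The real ISE feature and its allowed targets are not
# described on the page.
ALLOWED_SCHEMES = {"https"}
ALLOWED_HOSTS = {"updates.example.com"}

# Constructed stand-in for DNS so the example runs offline.
FAKE_DNS = {
    "updates.example.com": ["1.1.1.1"],
}


def fake_resolve(host: str) -> Iterable[str]:
    return FAKE_DNS.get(host, [])


def vulnerable_outbound_target(url: str) -> str:
    """Vulnerable pattern: the user-supplied URL goes straight to the HTTP client,
    so the device can be pointed at localhost, RFC 1918 space or a cloud metadata
    endpoint that it can reach but the attacker cannot."""
    return url


def validate_outbound_url(url: str,
                          resolve: Callable[[str], Iterable[str]] = fake_resolve
                          ) -> Optional[Tuple[str, str]]:
    """Returns (url, pinned_ip) if the request may be made, else None.

    Checks, in order: scheme allowlist, no embedded credentials (user:pass@host
    tricks), host allowlist, and that every address the host resolves to is
    globally routable. The first resolved address is returned so the caller
    connects to the address that was checked rather than resolving again.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return None
    if parts.username is not None or parts.password is not None:
        return None
    host = parts.hostname
    if host is None or host not in ALLOWED_HOSTS:
        return None
    try:
        addrs = [ipaddress.ip_address(a) for a in resolve(host)]
    except ValueError:  # resolver returned something that is not an address
        return None
    if not addrs or not all(a.is_global for a in addrs):
        return None
    return url, str(addrs[0])


if __name__ == "__main__":
    for candidate in ("https://updates.example.com/fw.bin",
                      "http://updates.example.com/fw.bin",
                      "https://updates.example.com@10.0.0.5/",
                      "https://127.0.0.1:8443/admin"):
        print(f"{candidate:45} -> {validate_outbound_url(candidate)}")
```

The address check uses is_global rather than a hand-written private-range list, so loopback, link-local (including 169.254.169.254), RFC 1918, CGNAT and the documentation ranges are all rejected. Redirects returned by the target must be re-validated with the same function, otherwise an allowed host can bounce the device onto an internal address.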

Vulnerability in the web UI of Cisco Enterprise Chat and Email, which does not properly validate user-supplied input and could allow an attacker to execute arbitrary script code in the browser of a targeted user (XSS) (CVE-2024-20367, CVSS 5.4) [9]

Vulnerability in Cisco Nexus Dashboard Orchestrator due to insufficient access control, which could allow an authenticated attacker to modify or delete tenant templates under a tenant that the attacker's account is not attached to (CVE-2024-20302, CVSS 5.4) [10]

Vulnerability in Cisco Nexus Dashboard due to insufficient access control, which could allow an authenticated attacker to access metrics and information about devices in a Nexus Dashboard cluster beyond what their role permits (information disclosure) (CVE-2024-20283, CVSS 4.3) [11]


Vulnerability Patches

Product-specific fixes were published in Cisco's April 3, 2024 release. Refer to the 'Affected Products' and 'Fixed Software' sections of each advisory listed under Referenced Sites to identify vulnerable releases and the release to upgrade to. One exception to note: the Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 routers covered by [4] have entered Cisco's end-of-life process and the advisory states that no fixed software will be released for them, so confirm this in its 'Fixed Software' section and plan a migration rather than waiting for a patch.


Referenced Sites


[1] Cisco Nexus Dashboard Fabric Controller Plug and Play Arbitrary File Read Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-dir-trav-SSn3AYDw

[2] Cisco Nexus Dashboard and Nexus Dashboard Hosted Services Cross-Site Request Forgery Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfccsrf-TEmZEfJ9

[3] Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-NfAKXrp5

[4] Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site Scripting Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup

[5] Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imps-xss-quWkd9yF

[6] Cisco Nexus Dashboard Privilege Escalation Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndru-pesc-kZ2PQLZH

[7] Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-kGw4DX9Y

[8] Cisco Identity Services Engine Server-Side Request Forgery Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-ssrf-FtSTh5Oz

[9] Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-xss-CSQxgxfM

[10] Cisco Nexus Dashboard Orchestrator Unauthorized Policy Actions Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-upav-YRqsCcSP

[11] Cisco Nexus Dashboard Information Disclosure Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndidv-LmXdvAf2