Cisco Family October 2024 First Round Security Update Advisory

Overview

Cisco (https://www.cisco.com) has released a security update that fixes vulnerabilities in its products. Users of affected systems are advised to update to the latest version.

Affected Products

Cisco Data Center Network Manager

Cisco Identity Services Engine Software

Cisco Meraki MX Firmware

Cisco Nexus Dashboard Orchestrator

Cisco Small Business RV Series Router Firmware

Cisco TelePresence Video Communication Server (VCS) Expressway

Cisco Unified Computing System (Managed)

Resolved Vulnerabilities

Vulnerability in Cisco Data Center Network Manager due to insufficient data validation, which could allow arbitrary command execution (CVE-2024-20432, CVSS 9.9) [1]

Vulnerability in the web-based management interface of Cisco Small Business RV Series Router Firmware that allows elevation of privileges from guest to administrator due to sensitive information (CVE-2024-20393, CVSS 8.8) [2]

Vulnerability in Cisco Data Center Network Manager due to improper path validation, which could allow arbitrary code execution (CVE-2024-20449, CVSS 8.8) [3]

Vulnerability in Cisco Meraki MX Firmware due to weak entropy in a handler used during SSL VPN session establishment, which could allow the target SSL VPN session to be terminated, forcing the remote user to initiate a new VPN connection and re-authenticate (CVE-2024-20498 and 2 others, CVSS 8.6) [4]

Vulnerability in Cisco Unified Computing System (Managed) due to lack of input validation, which could allow privilege escalation to the administrator level (CVE-2024-20365, CVSS 6.5) [5]

Vulnerability in Cisco Identity Services Engine Software that allows a read-only administrator to view device credentials that are not normally visible to that role, due to lack of proper data protection mechanisms for certain configuration settings (CVE-2024-20515, CVSS 6.5) [6]

Vulnerability in Cisco Data Center Network Manager that allows access to sensitive information due to improper storage of sensitive information within configuration-only and full backup files (CVE-2024-20448, CVSS 6.3) [7]

Vulnerability in Cisco TelePresence Video Communication Server (VCS) Expressway due to insufficient validation of user input, allowing administrator privileges to be gained (CVE-2024-20492, CVSS 6.0) [8]

Vulnerability in Cisco Nexus Dashboard Orchestrator where the Cisco NDO Validate Peer Certificate site management feature validates certificates for Cisco Application Policy Infrastructure Controller (APIC), Cisco Cloud Network Controller (CNC), and Cisco Nexus Dashboard only when a new site is added or an existing site is re-enrolled, allowing sensitive information to be learned during communication between these devices (CVE-2024-20385, CVSS 5.9) [9]

Vulnerability in Cisco Meraki MX Firmware that could allow an AnyConnect VPN session of a target user to be taken over, or prevent a target user from establishing an AnyConnect VPN session with an affected device, due to weak entropy in a handler used during the VPN authentication process and a race condition present in the same process (CVE-2024-20509, CVSS 5.8) [10]

Vulnerability in Cisco Data Center Network Manager due to insufficient data validation, which could result in overwriting sensitive files or crashing certain containers (CVE-2024-20444, CVSS 5.5) [11]

Vulnerability Patches

Product-specific vulnerability patches were made available in the October 02, 2024 update. Please refer to the ‘Affected Products’ and ‘Fixed Software’ sections of the product-specific advisories in the Referenced Sites below to apply the patches.

Referenced Sites

[1] Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cmdinj-UvYZrKfr

[2] Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Privilege Escalation and Remote Command Execution Vulnerabilities

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms

[3] Cisco Nexus Dashboard Fabric Controller Remote Code Execution Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-ptrce-BUSHLbp

[4] Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Denial of Service Vulnerabilities

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-QTRHzG2

[5] Cisco UCS B-Series, Managed C-Series, and X-Series Servers Redfish API Command Injection Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-redfish-cominj-sbkv5ZZ

[6] Cisco Identity Services Engine Information Disclosure Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-disc-ZYF2nEEX

[7] Cisco Nexus Dashboard Fabric Controller Configuration Backup Information Disclosure Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-cidv-XvyX2wLj

[8] Cisco Expressway Series Privilege Escalation Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expw-escalation-3bkz77bD

[9] Cisco Nexus Dashboard Orchestrator SSL/TLS Certificate Validation Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndo-tlsvld-FdUF3cpw

[10] Cisco Meraki MX and Z Series Teleworker Gateway AnyConnect VPN Session Takeover and Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-by-QWUkqV7X

[11] Cisco Nexus Dashboard Fabric Controller REST API Command Injection Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-raci-T46k3jnN