THREAT HORIZON – CISCO SEMIANNUAL SECURITY ADVISORY SEPTEMBER 2018

 In Threat Horizon

The following was circulated to our Managed Security Services customers on Friday 28th September 2018.

Priority: High

Executive Summary: Cisco released its semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication on September 26th, 2018.

The September 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication includes 12 Cisco Security Advisories that describe 13 vulnerabilities in Cisco IOS Software and Cisco IOS XE Software. One of the advisories describes a vulnerability that also exists on versions of Cisco ASA 5500-X series software.

Within this advisory there are no vulnerabilities with a Security Impact Rating (SIR) of Critical. All the vulnerabilities have an SIR of High.

Successful exploitation of the vulnerabilities could allow an attacker to gain elevated privileges for an affected device or cause a denial of service (DoS) condition on an affected device.

Four of the below mentioned vulnerabilities affect both Cisco IOS Software and Cisco IOS XE Software. One of the vulnerabilities affects Cisco IOS Software and seven of the vulnerabilities affect Cisco IOS XE Software. Another vulnerability affects Cisco IOS XE Software and Cisco ASA Software and Cisco has also confirmed that none of the vulnerabilities affect Cisco NX-OS Software.

The following table identifies Cisco Security content that is associated with this Cisco IOS and IOS XE Software Security Advisory Bundled Publication:

Cisco Security Vulnerabilities CVE ID Security Impact Rating CVSS Base Score IPS Signature
cisco-sa-20180926-cmp

Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

CVE-2018-0475 High 7.4
cisco-sa-20180926-ipv6hbh

Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial of Service Vulnerability

CVE-2018-0467 High 8.6
cisco-sa-20180926-ospfv3-dos

Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulnerability

CVE-2018-0466 High 7.4 OS XE WATCHDOG Router Crash
cisco-sa-20180926-sm1t3e3

Cisco IOS and IOS XE Software SM-1T3/E3 Service Module Denial of Service Vulnerability

CVE-2018-0485 High 8.6
cisco-sa-20180926-ptp

Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

CVE-2018-0473 High 7.5
cisco-sa-20180926-ipsec

Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability

CVE-2018-0472 High 8.6
cisco-sa-20180926-cdp-memleak

Cisco IOS XE Software Cisco Discovery Protocol Memory Leak Vulnerability

CVE-2018-0471 High 7.4
cisco-sa-20180926-iosxe-cmdinj

Cisco IOS XE Software Command Injection Vulnerabilities

CVE-2018-0477

CVE-2018-0481

High 6.7
cisco-sa-20180926-errdisable

Cisco IOS XE Software Errdisable Denial of Service Vulnerability

CVE-2018-0480 High 7.4
cisco-sa-20180926-webdos

Cisco IOS XE Software HTTP Denial of Service Vulnerability

CVE-2018-0470 High 8.6
cisco-sa-20180926-sip-alg

Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability

CVE-2018-0476 High 8.6
cisco-sa-20180926-webuidos

Cisco IOS XE Software Web UI Denial of Service Vulnerability

CVE-2018-0469 High 8.6

The following sections will target the critical CVE’s. For the vulnerabilities rated high. ITC recommended that you review Cisco’s advisory found here. https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981

Detect: For all CVE’s addressed by the Cisco Advisory, ITC recommend that customers review the details provided by Cisco for detecting the specific vulnerabilities reported.

Prevent: For all CVE’s addressed by the Cisco Advisory, ITC recommended to upgrade to the versions recommended by Cisco in each individual advisory. If an upgrade is not an available option, ITC would recommend that the workarounds documented in the specific vulnerability be applied.

React: Please utilize the software checker provided Cisco (source 4), to confirm if any Cisco IOS / IOS XE versions in place are vulnerable and if so, prepare upgrades to the recommended version.

Sources:
[1] https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981
[2] https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
[3] https://tools.cisco.com/security/center/softwarechecker.x
[4] https://blogs.cisco.com/security/cisco-ios-ios-xe-bundled-publication-sept-2018

Author: Sophia Casimir

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900

 

Contact ITC Secure

If you have a question, request, comment or requirement, please send us an email now and we will get back to you by return