CISCO SECURITY ADVISORIES


Priority: High

Executive Summary: Cisco have disclosed 41 new Security Advisories, covering 1 Critical impact vulnerability, 23 High impact CVEs and 18 Medium impact CVEs. The Security Advisories cover a range of affected Cisco products, which have been provided below.

The critical vulnerability (CVE-2019-1804) has a CVSS score of 9.8 and affects Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode that are running NX-OS Software releases prior to 14.1(1i). It allows a remote, unauthenticated attacker to connect to an affected system with the privileges of the 'root' user, due to the presence of a default SSH key pair that is available in all devices. An attacker could exploit the vulnerability by opening an SSH connection via IPv6; IPv4 is not vulnerable. Whilst there are no workarounds available, Cisco have released software updates to address the vulnerability, so it can be remediated by upgrading to Software release 14.1(1i) or later.
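As an added example (not taken from the Cisco advisory or from this summary), the following script triages a switch inventory against the fixed release 14.1(1i) named above. It assumes every listed device is a Nexus 9000 in ACI mode, that releases order by major, minor, maintenance number and then patch letter, and that anything not shaped like `14.1(1i)` needs a manual check; the host names and inventory are constructed.

```python
import re

FIXED_RELEASE = "14.1(1i)"  # first fixed release named in the summary above

# Assumed release shape, inferred from the one string on the page:
# major.minor(maintenance + optional patch letters), e.g. 14.1(1i)
_RELEASE_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)([a-z]*)\)$")


def parse_release(text):
    """Return a sortable tuple for an ACI-mode release string, or None."""
    m = _RELEASE_RE.match(text.strip().lower())
    if not m:
        return None
    major, minor, maint, patch = m.groups()
    # Order patch letters by length first so that "z" sorts before "aa".
    return (int(major), int(minor), int(maint), (len(patch), patch))


def triage(inventory):
    """Map each host to 'upgrade', 'fixed' or 'unparsed' for CVE-2019-1804."""
    fixed = parse_release(FIXED_RELEASE)
    report = {}
    for host, release in inventory.items():
        parsed = parse_release(release)
        if parsed is None:
            report[host] = "unparsed"   # not the ACI-style format: check by hand
        elif parsed < fixed:
            report[host] = "upgrade"    # prior to 14.1(1i): affected per the summary
        else:
            report[host] = "fixed"
    return report


# Constructed sample inventory (hypothetical host names and releases).
SAMPLE_INVENTORY = {
    "leaf101": "13.2(5d)",
    "leaf102": "14.0(3d)",
    "leaf103": "14.1(1h)",
    "spine201": "14.1(1i)",
    "spine202": "14.1(2g)",
    "edge-sw1": "7.0(3)I7(5)",  # different release format, left for manual review
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:10} {SAMPLE_INVENTORY[host]:14} {status}")
```

Hosts reported as `unparsed` should be checked with the detection method in the applicable advisory rather than assumed safe.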

Cisco have released software updates to address each of the Critical and High impact vulnerabilities announced. Some of the vulnerabilities have workarounds. These are unique to the product affected and the vulnerability involved and can be found within the applicable advisory.

Three of the Medium impact vulnerabilities have not yet been addressed in security updates from Cisco. These are CVE-2019-1856, CVE-2019-1857 and CVE-2019-1589. All other Medium impact vulnerabilities released have been addressed in updates.

Detect: Each of the advisories provides different methods of detecting the running version and whether the affected device is susceptible to the vulnerabilities. It is therefore recommended to investigate the detection methods in each individual advisory for any products affected.

Prevent: Cisco have released software updates to address each of the Critical and High impact vulnerabilities announced.

Three of the Medium impact vulnerabilities have not yet been addressed in security updates from Cisco, with all other Medium impact vulnerabilities having patches or workarounds accounted for. ITC recommends reviewing each vulnerability to understand whether it impacts your devices or services.

React: Update to the latest versions of software for affected products where possible. Some workarounds are available and are explained in the applicable advisories.

Sources:
[1] https://tools.cisco.com/security/center/publicationListing.x

Author: George Thomas
