Cisco Patches Critical Flaw in Smart Licensing Solution
Cisco has released patches for sixteen vulnerabilities across its products, including one rated critical, six high severity, and nine medium risk.
The critical vulnerability impacts Cisco’s Smart Software Manager On-Prem licensing solution (previously known as Smart Software Manager satellite) and could allow a remote, unauthenticated attacker to access system data with high privileges.
Cisco explains that the issue is the result of a system account with a default and static password, but which is not under the control of the system administrator.
An attacker could use the account to gain read and write access to system data, including the configuration of affected devices. However, they would not have full control of the device, the company explains.
Tracked as CVE-2020-3158 and featuring a CVSS score of 9.8, the flaw impacts Cisco Smart Software Manager On-Prem releases earlier than 7-202001, but only if the High Availability (HA) feature is enabled.
The first of the high severity bugs addressed this week impacts Unified Contact Center Express (Unified CCX) and could allow an attacker with valid administrative credentials to upload arbitrary files and execute commands on the underlying operating system (CVE-2019-1888).
A high risk flaw (CVE-2019-1736) patched in UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass UEFI Secure Boot validation checks and load their own software image on an affected device.
The issue impacts Firepower Management Center (FMC) 1000, 2500, and 4500, Secure Network Server 3500 and 3600 Series Appliances, and Threat Grid 5504 Appliance, if they run a vulnerable BIOS version and a vulnerable Integrated Management Controller (IMC) firmware.
Cisco also fixed a vulnerability (CVE-2019-1983) in the email message filtering feature of AsyncOS Software for Email Security Appliance (ESA) and Content Security Management Appliance (SMA) that could allow an unauthenticated, remote attacker to crash processes and cause denial of service (DoS).
Another flaw in the AsyncOS Software for ESA (CVE-2019-1947) could be exploited remotely without authentication to increase CPU utilization to 100 percent, causing a denial of service (DoS) condition.
The other two high severity bugs addressed this week impact the Cisco Data Center Network Manager (DCNM). The first of them is an elevation of privilege in the REST API endpoint (CVE-2020-3112), while the second is a cross-site request forgery (CSRF) bug in the web-based management interface (CVE-2020-3114).
The medium risk flaws Cisco patched this week include a DoS bug in Unified Contact Center Enterprise, remote code execution in Enterprise NFV Infrastructure Software (NFVIS), Cross-Site Scripting (XSS) in Identity Services Engine, XSS in Finesse, DoS in AsyncOS Software for ESA, SQL injection in Cloud Web Security (CWS), DoS in Meeting Server, incorrect handling of directory paths in AnyConnect Secure Mobility Client for Windows, and XSS in Data Center Network Manager (DCNM).
Cisco says it is not aware of any malicious exploitation of these vulnerabilities.
Specific information on each of these vulnerabilities can be found in the advisories Cisco published on its support website.