Your doctor (Cisco) is going to provides a nursing this week – 3rd Oct 2018

Your doctor is going to provides a nursing this week. Since vendor only provided high-level overview of vulnerability. But believe that the weakness given by REST-API.

Critical CVE-2018-15386
Cisco Digital Network Architecture Center Unauthenticated Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-unauth-access

Critical CVE-2018-0448
Cisco Digital Network Architecture Center Authentication Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-dna-auth-bypass

Additional 1:

Critical CVE-2018-15379
Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-pi-tftp

Additional 2:

High CVE-2018-15390
Cisco Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-ftd-inspect-dos

High CVE-2018-0455
Cisco Firepower System Software Detection Engine Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-fp-smb-snort

High CVE-2018-15389
Cisco Prime Collaboration Provisioning Intermittent Hard-Coded Password Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-cpcp-password

* A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install.

High CVE-2018-15387
Cisco SD-WAN Solution Certificate Validation Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-sd-wan-bypass

High CVE-2018-15383
Cisco Adaptive Security Appliance Direct Memory Access Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-asa-dma-dos

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.