Number: AV18-119
Date: 18 July 2018
Purpose
The purpose of this advisory is to bring attention to multiple Cisco security advisories.
Assessment
Cisco released multiple security updates to address several vulnerabilities in various Cisco products.
Affected Products:
- Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode DHCP Version 6 Denial of Service Vulnerability
- Cisco Policy Suite Cluster Manager Default Password Vulnerability
- Cisco Policy Suite OSGi Interface Unauthenticated Access Vulnerability
- Cisco Policy Suite Policy Builder Database Unauthenticated Access Vulnerability
- Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability
- Cisco SD-WAN Solution CLI Command Injection Vulnerability
- Cisco SD-WAN Solution Command Injection Vulnerability
- Cisco SD-WAN Solution Command Injection Vulnerability
- Cisco SD-WAN Solution Configuration and Management Database Remote Code Execution Vulnerability
- Multiple Vulnerabilities in Cisco Finesse
- Cisco SD-WAN Solution Remote Code Execution Vulnerability
- Cisco SD-WAN Solution VPN Subsystem Command Injection Vulnerability
- Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability
- Cisco SD-WAN Solution Zero Touch Provisioning Command Injection Vulnerability
- Cisco SD-WAN Solution Zero Touch Provisioning Denial of Service Vulnerability
- Cisco Unified Communications Manager IM And Presence Service Cross-Site Scripting Vulnerability
- Cisco Webex DOM-Based Cross-Site Scripting Vulnerability
- Cisco Webex Network Recording Players Denial of Service Vulnerabilities
- Cisco Webex Network Recording Players Remote Code Execution Vulnerabilities
- Cisco Webex Teams Remote Code Execution Vulnerability
- Multiple Vulnerabilities in Cisco Unified Contact Center Express
- Cisco Policy Suite Policy Builder Unauthenticated Access Vulnerability
- Cisco Cloud Services Platform 2100 Web Upload Function Code Injection Vulnerability
- Cisco Policy Suite Read-Only User Effect Change Vulnerability
- Cisco Policy Suite World-Readable Sensitive Data Vulnerability
- Cisco SD-WAN Solution Local Buffer Overflow Vulnerability
CVE References: CVE-2018-0342, CVE-2018-0343, CVE-2018-0344, CVE-2018-0345, CVE-2018-0346, CVE-2018-0347, CVE-2018-0348, CVE-2018-0349, CVE-2018-0350, CVE-2018-0351, CVE-2018-0372, CVE-2018-0374, CVE-2018-0375, CVE-2018-0376, CVE-2018-0377, CVE-2018-0379, CVE-2018-0380, CVE-2018-0387, CVE-2018-0390, CVE-2018-0392, CVE-2018-0393, CVE-2018-0394, CVE-2018-0396, CVE-2018-0398, CVE-2018-0399, CVE-2018-0400, CVE-2018-0401, CVE-2018-0402, CVE-2018-0403
Suggested action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-bo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-data
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-suite-change
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-finesse
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-csp2100-injection
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-cmd-inject
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sd-wan-code-ex
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-uccx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ucmim-ps-xss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-DOM-xss
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-teams-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-20180718-nexus-9000-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-ci
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cmdnjct
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-coinj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-cx
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-fo
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-webex-rce
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-cm-default-psswrd
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-policy-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-ps-osgi-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-pspb-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180718-sdwan-dos