Number: AV18-067
Date: 19 April 2018
Purpose
The purpose of this advisory is to bring attention to multiple Cisco security advisories.
Assessment
Cisco released multiple security updates to address vulnerabilities (medium to critical severity) in the following products:
- Cisco WebEx Clients Remote Code Execution Vulnerability
- Cisco UCS Director Virtual Machine Information Disclosure Vulnerability for End User Portal
- Cisco StarOS Interface Forwarding Denial of Service Vulnerability
- Cisco IOS XR Software UDP Broadcast Forwarding Denial of Service Vulnerability
- Cisco Firepower Detection Engine Secure Sockets Layer Denial of Service Vulnerability
- Cisco Firepower 2100 Series Security Appliances IP Fragmentation Denial of Service Vulnerability
- Cisco ASA Software, FTD Software, and AnyConnect Secure Mobility Client SAML Authentication Session Fixation Vulnerability
- Cisco Adaptive Security Appliance Application Layer Protocol Inspection Denial of Service Vulnerabilities
- Cisco Adaptive Security Appliance TLS Denial of Service Vulnerability
- Cisco Adaptive Security Appliance Flow Creation Denial of Service Vulnerability
- Cisco Adaptive Security Appliance Virtual Private Network SSL Client Certificate Bypass Vulnerability
- Cisco WebEx Connect IM Cross-Site Scripting Vulnerability
- Cisco Unified Communications Manager LDAP Information Disclosure Vulnerability
- Cisco Unified Communications Manager HTTP Interface Information Disclosure Vulnerability
- Cisco StarOS IPsec Manager Denial of Service Vulnerability
- Cisco Packet Data Network Gateway Peer-to-Peer Message Processing Denial of Service Vulnerability
- Cisco Identity Services Engine Shell Access Vulnerability
- Cisco Industrial Ethernet Switches Device Manager Cross-Site Request Forgery Vulnerability
- Cisco Firepower System Software Intelligent Application Bypass Vulnerability
- Cisco Firepower System Software Server Message Block File Policy Bypass Vulnerability
- Cisco Firepower System Software Server Message Block File Policy Bypass Vulnerability
- Cisco Firepower Threat Defense SSL Engine High CPU Denial of Service Vulnerability
- Cisco DNA Center Cross Origin Resource Sharing Vulnerability
- Cisco cBR Series Converged Broadband Routers High CPU Usage Denial of Service Vulnerability
- Cisco Adaptive Security Appliance Clientless SSL VPN Cross-Site Scripting Vulnerability
- Cisco Adaptive Security Appliance WebVPN Cross-Site Scripting Vulnerability
- Cisco AMP for Endpoints macOS Connector DMG File Malware Bypass Vulnerability
- Cisco MATE Live Directory Information Disclosure Vulnerability
- Cisco MATE Collector Cross-Site Request Forgery Vulnerability
- Cisco Wireless LAN Controller Default Simple Network Management Protocol Community Strings
CVE References: CVE-2018-0112, CVE-2018-0238, CVE-2018-0239, CVE-2018-0241, CVE-2018-0233, CVE-2018-0230, CVE-2018-0229, CVE-2018-0240, CVE-2018-0231, CVE-2018-0228, CVE-2018-0227, CVE-2018-0276, CVE-2018-0267, CVE-2018-0267, CVE-2018-0266, CVE-2018-0273, CVE-2018-0256, CVE-2018-0275, CVE-2018-0255, CVE-2018-0254, CVE-2018-0244, CVE-2018-0243, CVE-2018-0272, CVE-2018-0269, CVE-2018-0257, CVE-2018-0251, CVE-2018-0242, CVE-2018-0237, CVE-2018-0260, CVE-2018-0259
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wbs
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-uscd
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-staros
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iosxr
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fpsnort
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fp2100
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asaanyconnect
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa_inspect
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa3
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asa1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-webcon
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-ucm1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-ucm
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-starosasr
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-pdng
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-ise
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-iess
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-fss
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-firepower
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-dna1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-cbr8
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asawvpn2
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-asawvpn
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-amp
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-MATE1
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-MATE
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wlc