Archive for category Vulnerabilities

Rewterz Threat Advisory – CVE-2020-1600 – Juniper Networks Junos OS Denial of Service in the RPD daemon

Severity

Medium

Analysis Summary

In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition.

Impact

Denial of Service

Affected Vendors

Juniper Networks

Affected Products

Juniper Networks Junos OS

Remediation

Please see the vendor’s advisory for the list of affected products and updated versions.

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10979&cat=SIRT_1&actp=LIST


Rewterz Threat Advisory – CVE-2019-16005 – Cisco Webex Video Mesh Node Command Injection Vulnerability

Severity

Medium

Analysis Summary

The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node.

Impact

Execute arbitrary commands

Affected Vendors

Cisco

Affected Products

Cisco Webex Video Mesh Software releases earlier than 2019.09.19.1956m

Remediation

Please see the vendor’s advisory for more details.

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-webex-video


Rewterz Threat Advisory – CVE-2019-17026 – Mozilla Firefox Actively Exploited Zero-Day Vulnerability

Severity

High

Analysis Summary

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.

Impact

Execute code or trigger crashes on machines running vulnerable Firefox versions.

Affected Vendors

Mozilla

Affected Products

  • Firefox
  • Firefox ESR

Remediation

Update to the following versions:

  • Firefox 72.0.1
  • Firefox ESR 68.4.1

Rewterz Threat Advisory – CVE-2020-6377 – Google Chrome Audio Code Execution Vulnerability

Severity

High

Analysis Summary

CVE-2020-6377 (Use after free in audio)

Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in audio. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Audio code execution

Affected Vendors

Google

Affected Products

Google Chrome

Remediation

Upgrade to the latest version of Google Chrome (79.0.3945.117 or later).


Rewterz Threat Advisory – Active Scanning of Vulnerable Citrix Servers

Severity

High

Analysis Summary

Scans are ongoing for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers vulnerable to attacks exploiting CVE-2019-19781.

If exploited, it could allow an unauthenticated remote attacker to access private network resources and execute arbitrary code on vulnerable systems. This attack does not require access to any accounts, and therefore can be performed by any external attacker.

This vulnerability allows any unauthorized attacker to not only access published applications, but also attack other resources on the company’s internal network from the Citrix server.

Impact

Arbitrary code execution

Affected Vendors

Citrix

Affected Products

  • Citrix ADC and Citrix Gateway version 13.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.1 all supported builds
  • Citrix ADC and NetScaler Gateway version 12.0 all supported builds
  • Citrix ADC and NetScaler Gateway version 11.1 all supported builds
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

Remediation

Citrix has released a set of mitigation measures and recommends that all impacted customers apply them as soon as possible.


Rewterz Threat Advisory – Cisco NX-OS and Switches – Critical Vulnerabilities

Severity

High

Analysis Summary

Cisco patched three authentication bypass bugs tied to its DCNM platform used to manage NX-OS. The three critical vulnerabilities impact a key tool for managing its network platform and switches. The bugs could allow an unauthenticated, remote attacker to bypass endpoint authentication and execute arbitrary actions with administrative privileges on targeted devices. 

All three (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) impact the Cisco Data Center Network Manager (DCNM), a platform for managing data centers running Cisco’s NX-OS. NX-OS is the network operating system used by Cisco’s Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches.
Affected products include Cisco DCNM software releases earlier than Release 11.3 for Microsoft Windows, Linux and virtual appliance platforms.

Two of the flaws (CVE-2019-15975 and CVE-2019-15976) “are authentication bypass vulnerabilities in the REST API and SOAP API endpoints for Cisco DCNM due to the existence of a static encryption key shared between installations.” The third bug (CVE-2019-15977) is described by Cisco as a “data center network manager authentication bypass vulnerability.” This flaw exists in the web-based management interface of the DCNM, allowing an unauthenticated, remote attacker to bypass authentication on an affected device.

Impact

  • Authentication Bypass
  • Unauthorized Remote Access

Affected Vendors

Cisco

Affected Products

Cisco DCNM software releases earlier than Release 11.3 for Microsoft Windows, Linux and virtual appliance platforms

Remediation

Update to Cisco DCNM Software releases 11.3(1) and later.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200102-dcnm-auth-bypass

