Rewterz Threat Alert – Sea Turtle Adopts New DNS Hijacking Techniques
July 18, 2019Rewterz Threat Advisory – CVE-2019-1784 – Cisco NX-OS Software Command Injection Vulnerability
July 18, 2019Rewterz Threat Alert – Sea Turtle Adopts New DNS Hijacking Techniques
July 18, 2019Rewterz Threat Advisory – CVE-2019-1784 – Cisco NX-OS Software Command Injection Vulnerability
July 18, 2019Severity
High
Analysis Summary
The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system.
Impact
Privilege access
Affected Vendors
Cisco
Affected Products
Cisco Vision Dynamic Signage Director
Remediation
Please see vendor’s advisory for more details
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-cvdsd-wmauth