Rewterz Threat Alert – Apache ActiveMQ Vulnerability Exploited by HelloKitty Ransomware Gang – Active IOCs
November 2, 2023Rewterz Threat Alert – Malvertising Campaign Delivers Trojanized PyCharm Software via Google Search Ads – Active IOCs
November 2, 2023Rewterz Threat Alert – Apache ActiveMQ Vulnerability Exploited by HelloKitty Ransomware Gang – Active IOCs
November 2, 2023Rewterz Threat Alert – Malvertising Campaign Delivers Trojanized PyCharm Software via Google Search Ads – Active IOCs
November 2, 2023Severity
Medium
Analysis Summary
CVE-2023-20213 CVSS:5.3
Cisco Identity Services Engine is vulnerable to a denial of service, caused by improper bounds checking when processing CDP traffic. By sending specially crafted CDP traffic, a remote attacker could exploit this vulnerability to cause the CDP process to crash.
CVE-2023-20196 CVSS:4.7
Cisco Identity Services Engine could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the web-based management interface. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code with root privileges on the vulnerable system.
CVE-2023-20195 CVSS:4.7
Cisco Identity Services Engine could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the web-based management interface. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code with root privileges on the vulnerable system.
Impact
- Denial of Service
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-20213
- CVE-2023-20196
- CVE-2023-20195
Affected Vendors
Cisco
Affected Products
- Cisco Identity Services Engine (ISE)
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.