Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
August 26, 2021Rewterz Threat Alert – BabyElephant APT Targeting Pakistan – Active IOCs
August 27, 2021Rewterz Threat Alert – Kimsuky APT Group – Active IOCs
August 26, 2021Rewterz Threat Alert – BabyElephant APT Targeting Pakistan – Active IOCs
August 27, 2021Severity
Medium
Analysis Summary
CVE-2021-1591
Cisco Nexus 9500 Series Switches could allow a remote attacker to bypass security restrictions, caused by oversubscription of resources that occurs when applying ACLs to port-channel interfaces. By attempting to access network resources that are protected by the ACL, an attacker could exploit this vulnerability to bypass access control list (ACL) rules.
CVE-2021-1586
Cisco Nexus 9000 Series Fabric Switches is vulnerable to a denial of service, caused by improper validation of TCP traffic sent to a specific port. By sending a specially crafted TCP data to a specific port, a remote attacker could exploit this vulnerability to cause the device to restart unexpectedly, and results in a denial of service condition.
CVE-2021-1523
Cisco Nexus 9000 Series Fabric Switches in ACI mode are vulnerable to a denial of service, caused by the mishandling of ingress TCP traffic to a specific port. By sending specially crafted stream of TCP packets to a specific port on a Switched Virtual Interface (SVI), a remote attacker could exploit this vulnerability to cause an eventual queue wedge, and results in a denial of service condition.
CVE-2021-1590
Cisco NX-OS Software is vulnerable to a denial of service, caused by a logic error in the implementation of the system login block-for command. By performing a brute-force login attack, a remote attacker could exploit this vulnerability to cause a login process to reload.
CVE-2021-1584
Cisco Nexus 9000 Series Fabric Switches could allow a locally authenticated attacker to gain elevated privileges on the system, caused by insufficient restrictions during the execution of a specific CLI command. By performing a command injection attack on the vulnerable command, an attacker could exploit this vulnerability to elevate privileges.
CVE-2021-1583
Cisco Nexus 9000 Series Fabric Switches could allow a locally authenticated attacker to obtain sensitive information, caused by improper access control in fabric infrastructure file system. By executing a specific vulnerable command, an attacker could exploit this vulnerability to read arbitrary files on an affected system.
CVE-2021-1577
Cisco Application Policy Infrastructure Controller could allow a remote attacker to obtain sensitive information, caused by improper access control in an API endpoint. By using a specific API endpoint to upload a file to an affected device, an attacker could exploit this vulnerability to read or write arbitrary files on an affected system.
CVE-2021-1592
Cisco UCS Manager Software is vulnerable to a denial of service, caused by improper resource management for established SSH sessions. By opening a significant number of SSH sessions, a remote authenticated attacker could exploit this vulnerability to cause the internal process to crash and restart, and results in a denial of service condition.
CVE-2021-1579
Cisco application Policy Infrastructure Controller (APIC) and Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an insufficient role-based access control (RBAC). By sending a specially-crafted API request using an app with admin write credentials, an authenticated attacker could exploit this vulnerability to gain elevate privileges to Administrator with write privileges.
CVE-2021-1578
Cisco Application Policy Infrastructure Controller (APIC) and Cloud Application Policy Infrastructure Controller (Cloud APIC) could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an improper policy default setting. By sending a specially-crafted API request, an authenticated attacker could exploit this vulnerability to gain elevate privileges to Administrator on the device.
CVE-2021-1581
Cisco Application Policy Infrastructure Controller could allow a remote attacker to upload arbitrary files, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to upload a malicious file to fill the upload partition of the affected device.
CVE-2021-1580
Cisco Application Policy Infrastructure Controller could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper input validation in the web UI and API endpoint. By injecting specially crafted input during a specific command execution, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Security Bypass
- Denial of Services
- Information Disclosure
- Information Theft
- Privilege Access
Affected Vendors
Cisco
Affected Products
- Cisco Nexus 9500 Series Switches
- Cisco Nexus 9000 Series Fabric Switches in ACI mode
- Cisco N9K-C9372PX-E
- Cisco N9K-C9372TX-E
- Cisco N9K-C9332PQ
- Cisco N9K-C9372PX
- Cisco NX-OS Software
- Cisco Application Policy Infrastructure Controller
- Cisco UCS 6400 Series Fabric Interconnects
- Cisco UCS Manager software
- Cisco Application Policy Infrastructure Controller (APIC)
- Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC)
Remediation
Refer to Cisco Nexus 9500 Series Switches for patch, upgrade or suggested workaround information.
Refer to Cisco Advisory for patch, upgrade or suggested workaround information.
Refer to Cisco Nexus 9000 Series Fabric Switches in ACI mode for patch, upgrade or suggested workaround information.
Refer to Cisco NX-OS Software for patch, upgrade or suggested workaround information.
Refer to Cisco Nexus 9000 Series Fabric Switches for patch, upgrade or suggested workaround information.
Refer to Cisco Nexus 9000 Series Fabric Switches for patch, upgrade or suggested workaround information.
Refer to Cisco Application Policy Infrastructure Controller for patch, upgrade or suggested workaround information.
Refer to Cisco UCS Manager Software for patch, upgrade or suggested workaround information.
Refer to Cisco (APIC) and (Cloud APIC) for patch, upgrade or suggested workaround information.
Refer to Cisco (APIC) and (Cloud APIC) for patch, upgrade or suggested workaround information.
Refer to Cisco Application Policy Infrastructure Controller file upload for patch, upgrade or suggested workaround information.
Refer to Cisco Application Policy Infrastructure Controller for patch, upgrade or suggested workaround information.