I hope yo' r' not runnnin' fxos n' nx-os software cisco fabric services

Started by icecream-guy, June 21, 2018, 06:15:54 AM

Previous topic - Next topic

icecream-guy

released yesterday, top 5 are critical.

•   Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability cisco-sa-20180620-nxos-bo
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-fab-ace
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-ace
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fx-os-fabric-execution
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability cisco-sa-20180620-fx-os-cli-execution
•   Cisco NX-OS Software CLI Arbitrary Command Injection Vulnerability cisco-sa-20180620-nx-os-cli-injection
•   Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability cisco-sa-20180620-nxossnmp
•   Cisco NX-OS Software Role-Based Access Control Elevated Privileges Vulnerability cisco-sa-20180620-nxosrbac
•   Cisco NX-OS Software Internet Group Management Protocol Snooping Remote Code Execution and Denial of Service Vulnerability cisco-sa-20180620-nxosigmp
•   Cisco NX-OS Software Border Gateway Protocol Denial of Service Vulnerability cisco-sa-20180620-nxosbgp
•   Cisco FXOS and NX-OS Software Unauthorized Administrator Account Vulnerability cisco-sa-20180620-nxosadmin
•   Cisco NX-OS Software NX-API Privilege Escalation Vulnerability cisco-sa-20180620-nxos-nxapi
•   Cisco FXOS, NX-OS, and UCS Manager Software Cisco Discovery Protocol Denial of Service Vulnerability cisco-sa-20180620-nxos-cdp
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-nx-os-fabric-dos
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-nx-os-fabric-services-dos
•   Cisco NX-OS Software CLI Arbitrary Command Execution Vulnerability cisco-sa-20180620-nx-os-cli-execution
•   Cisco NX-OS Software NX-API Arbitrary Command Execution Vulnerability cisco-sa-20180620-nx-os-api-execution
•   Cisco Nexus 4000 Series Switch Simple Network Management Protocol Polling Denial of Service Vulnerability cisco-sa-20180620-n4k-snmp-dos
•   Cisco Nexus 3000 and 9000 Series CLI and Simple Network Management Protocol Polling Denial of Service Vulnerability cisco-sa-20180620-n3k-n9k-clisnmp
•   Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service Vulnerability cisco-sa-20180620-fxos-dos
•   Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxos-ace
•   Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability cisco-sa-20180620-fxnxos-dos
•   Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability cisco-sa-20180620-fx-os-fabric-dos
•   Cisco Firepower 4100 Series Next-Generation Firewall and Firepower 9300 Security Appliance Path Traversal Vulnerability cisco-sa-20180620-firepwr-pt
:professorcat:

My Moral Fibers have been cut.

deanwebb

Good news is that Cisco actually releases these notices on a regular schedule so that we can be aware of the issues and know what to do.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.