Cisco Systems has issued two critical advisories addressing flaws in a variety of enterprise-class products ranging from its 900 Series Routers to its Cisco Prime Home server and cloud-based network management platform.
Service providers running Cisco ASR 900 Series routers are being warned that a vulnerability in the Transaction Language 1 (TL1) code of the router could allow an unauthenticated, remote attacker to cause a reload of, or remotely execute code on, the affected system, according to the advisory.
Cisco said software updates are available to patch the flaw (CVE-2016-6441) and that workarounds are also available that address the security vulnerability.
An additional critical authentication bypass vulnerability was identified in the web-based graphical user interface of its Cisco Prime Home. “(The) vulnerability could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges,” Cisco warned.
The flaw (CVE-2016-6452) is tied to a URL processing error in the system that could allow an attacker to send a crafted HTTP request to a specific URL. That creates conditions for an attacker to “obtain a valid session identifier for an arbitrary user, which would allow the attacker to perform any actions in Cisco Prime Home for which that user is authorized—including users with administrator privileges,” Cisco wrote.
A software patch is available to address this vulnerability, but no workaround is available.
In addition to the aforementioned, Cisco warned of two additional vulnerabilities rated as high. Both vulnerabilities are tied to its Cisco Meeting Server product lines. One of the flaws (CVE-2016-6447) is a buffer underflow vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. Those systems include:
- Cisco Meeting Server releases prior to 2.0.1
- Acano Server releases prior to 1.8.16 and prior to 1.9.3
- Cisco Meeting App releases prior to 1.9.8
- Acano Meeting Apps releases prior to 1.8.35
Cisco is also warning of a buffer overflow vulnerability, rated high, in the 2.0.3 version of its Cisco Meeting Server and versions of its Acano Server releases. “A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system,” Cisco said.
Cisco said it has released a software update for the vulnerability (CVE-2016-6448) and that there are no workaround fixes to resolve the flaw.
Five additional flaws rated medium were reported by Cisco ranging from a local command injection vulnerability (CVE-2016-6459) in its Cisco TelePresence hardware to DoS vulnerability (CVE-2016-6360) in its Cisco Email and Web Security appliance.
