Cisco issues new security advisories affecting its products 2

Cisco security advisories. Cisco has issued 2 new security advisories covering 2 vulnerabilities, which are classified as High and Medium severity respectively, affecting products such as Cisco IOS XR.

Products affected:

Cisco IOS XR 7.5-7.6-7.7

                                                       7.4-7.3-7.1

                                                       7.0-6.6-6.5

Average severity:

CVE-2023-20104 [CVSS: 4.6] Cisco IOS XR Software Boot Loader Unauthenticated Information Disclosure Vulnerability

A vulnerability in GRand Unified Bootloader (GRUB) for Cisco IOS XR software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console via the GRUB bootloader command line.

This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow confidential files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is powered off and on.

Successful exploitation could allow the attacker to view sensitive files that could be used to perform additional attacks against the device.

* Note: Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

High severity:

CVE-2023-20049 [CVSS: 8.6] Cisco IOS XR Software for ASR 9000 Series Routers Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR software for Cisco ASR 9000 series aggregation services routers, ASR 9902 compact high-performance routers, and ASR 9903 compact high-performance routers could allow an unauthenticated remote attacker to cause a line card to reboot, resulting in a denial-of-service (DoS) condition.

This vulnerability is due to mishandling of incorrectly formatted BFD packets received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a manipulated IPv4 BFD packet to an affected device.

Successful exploitation could allow the attacker to trigger line card exceptions or a full reset, resulting in the loss of traffic on that line card while it is being reloaded.

* Note: Cisco has released workarounds that address this vulnerability.

Mitigation:

To mitigate this irregularity, it is recommended to install the manufacturer's updates available in the vendor's official media, prior analysis of the impact it could have on your organization's business-critical services. To do so, consult with your technical staff or corresponding resolution areas.

Cisco security advisories

Cyber incidents caused by the "human factor" are often attributed to occasional employee error, but a more important element is often overlooked: deliberate malicious behavior by staff.

The leak contains user data from LinkedIn, Twitter, Weibo, Tencent and other platforms, is almost certainly the largest ever discovered.

Share

Facebook
Twitter
LinkedIn

Related articles

Contact us at
close slider