Security Update: Admin Vulnerability Threats Cisco Business Process Automation

Security Update: Admin Vulnerability Threats Cisco Business Process Automation

Cisco software and hardware administrators should study the latest alert messages and apply any applicable security updates to them. Among other things, it affects devices with the iOS operating system and remote maintenance tool Business Process Automation (BPA).

The most dangerous BPAs have two flaws (CVE-2021-1574, CVE-2021-1576). This is where attackers can access vulnerable management interfaces via the Internet. With prepared HTTP requests or reading information from log files, attackers can promote themselves as administrators. Both the gaps are with the level of danger”highCisco claims to have achieved BPA 3.1 against such attacks. The previous issues are said to be susceptible to the attacks described.

Vulnerabilities in iOS and iOS XE and Web Security Tools (WSA) are also classified as high. The iOS vulnerability threatens the Catalyst 4500 and Catalyst 4500X series switches. Due to errors in the processing of bidirectional forwarding detection messages (BFD), attackers can trigger a system restart (DoS attack). WSAs can suppress ready-made XML configuration files and turn authenticated remote attackers into root users.

Successfully “keep up with” attackersmedium“Identity services and classified security gaps in SD-WAN, among others, can leak information they contain.

List sorted by danger level in descending order:


(of)

on home page

READ  SpaceX: SpaceX docked Crew 3 astronauts almost a day after launch on the International Space Station!
More from Laurence Porter
Ubisoft’s Gods & Monsters’ New Name Seemingly Revealed
The new name for the upcoming Greek mythology video clip match Gods...
Read More
Leave a comment

Your email address will not be published. Required fields are marked *