Cisco software and hardware administrators should study the latest alert messages and apply any applicable security updates to them. Among other things, it affects devices with the iOS operating system and remote maintenance tool Business Process Automation (BPA).
particularly dangerous vulnerabilities
The most dangerous BPAs have two flaws (CVE-2021-1574, CVE-2021-1576). This is where attackers can access vulnerable management interfaces via the Internet. With prepared HTTP requests or reading information from log files, attackers can promote themselves as administrators. Both the gaps are with the level of danger”highCisco claims to have achieved BPA 3.1 against such attacks. The previous issues are said to be susceptible to the attacks described.
Vulnerabilities in iOS and iOS XE and Web Security Tools (WSA) are also classified as high. The iOS vulnerability threatens the Catalyst 4500 and Catalyst 4500X series switches. Due to errors in the processing of bidirectional forwarding detection messages (BFD), attackers can trigger a system restart (DoS attack). WSAs can suppress ready-made XML configuration files and turn authenticated remote attackers into root users.
Successfully “keep up with” attackersmedium“Identity services and classified security gaps in SD-WAN, among others, can leak information they contain.
List sorted by danger level in descending order:
Internet fan. Alcohol expert. Beer ninja. Organizer. Certified tv specialist. Explorer. Social media nerd.