Security Update: Admin Vulnerability Threats Cisco Business Process Automation

Security Update: Admin Vulnerability Threats Cisco Business Process Automation

Cisco software and hardware administrators should study the latest alert messages and apply any applicable security updates to them. Among other things, it affects devices with the iOS operating system and remote maintenance tool Business Process Automation (BPA).

The most dangerous BPAs have two flaws (CVE-2021-1574, CVE-2021-1576). This is where attackers can access vulnerable management interfaces via the Internet. With prepared HTTP requests or reading information from log files, attackers can promote themselves as administrators. Both the gaps are with the level of danger”highCisco claims to have achieved BPA 3.1 against such attacks. The previous issues are said to be susceptible to the attacks described.

Vulnerabilities in iOS and iOS XE and Web Security Tools (WSA) are also classified as high. The iOS vulnerability threatens the Catalyst 4500 and Catalyst 4500X series switches. Due to errors in the processing of bidirectional forwarding detection messages (BFD), attackers can trigger a system restart (DoS attack). WSAs can suppress ready-made XML configuration files and turn authenticated remote attackers into root users.

Successfully “keep up with” attackersmedium“Identity services and classified security gaps in SD-WAN, among others, can leak information they contain.

List sorted by danger level in descending order:


(of)

on home page

READ  A new legacy beats 'em in retro look for Xbox and PC • Eurogamer.de
More from Laurence Porter

The choice of gender does not affect the plot

“Far Cry 6” is one of the many games that meanwhile allows...
Read More

Leave a Reply

Your email address will not be published. Required fields are marked *