U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Cisco security updates fix dozens of flaws in Nexus Switches

Cisco released security updates to address over two dozen serious vulnerabilities affecting the Cisco Nexus switches. Cisco released security updates to address over two dozen serious vulnerabilities affecting the Cisco Nexus switches, including denial-of-service (DoS) issues, arbitrary code execution and privilege escalation flaws. Cisco published security advisories for most of the vulnerabilities, many of them impact the […]

Cisco released security updates to address over two dozen serious vulnerabilities affecting the Cisco Nexus switches.

Cisco released security updates to address over two dozen serious vulnerabilities affecting the Cisco Nexus switches, including denial-of-service (DoS) issues, arbitrary code execution and privilege escalation flaws.

Cisco published security advisories for most of the vulnerabilities, many of them impact the NX-OS software running on the Nexus switches and on other Cisco devices.

The “high severity” flaws affects the several components, including the Tetration Analytics agent, the LDAP feature, the Image Signature Verification feature, the user account management interface, the command-line interface (CLI), the Bash shell implementation, the FCoE NPV protocol implementation, the file system component, the network stack, the Fabric Services component, the NX-API feature, and the 802.1X implementation.

Cisco Nexus Switches

ome of the flaws could be exploited by a remote, authenticated attacker to execute code to cause a DoS condition on the vulnerable devices.

Many of the vulnerabilities allow local, authenticated attackers to execute arbitrary code as root, elevate privileges, install malware, gain read and write access to an important configuration file, or escape a restricted shell on the device.

Cisco also published an advisory to recommend Cisco Nexus users to secure networks where the PowerOn Auto Provisioning (POAP) feature is enabled or disable the feature.

Cisco Nexus devices support by default the automatic provisioning or zero-touch deployment feature PowerOn Auto Provisioning (POAP), a feature assisting users in automating the initial deployment and configuration of Nexus switches.

“POAP is enabled by default and activates on devices that have no startup configuration or when Perpetual POAP has been configured using the boot poap enable command.” reads the advisory.

“To disable POAP permanently, even when there is no configuration on the system, customers can use the CLI command system no poap. This command ensures that POAP is not started during the next boot, even if there is no configuration.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Cisco Nexus, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]