Cisco releases patches for several of its products

Cisco has released several patches to mitigate the exposure of its several affected products. A bug in Cisco Aironet 1830 and Cisco Aironet 1850 series found in Cisco products that has access points running the Cisco Mobility Express Software which could enable a remote attacker to gain complete control over the affected devices.

This bug creates the existence of default credentials for an affected device that is running the Cisco Mobility Express Software. This access means that a remote attacker with a layer 3 connectivity could use the SSH to login in to any device with higher privileges. And the attacker could take the whole control of the device.

There was also a bug found in Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) software that could open doors for remote attacker to launch Denial of Service attacks.

Another type of vulnerability was found due to the incomplete IPv6 UDP header validation. According to the notice " An attacker could exploit this vulnerability by sending a crafted IPv6 UDP packet to a specific port on the targeted device," the notice reads. From there, the attacker could " impact the availability of the device as it could unexpectedly reload."

Cisco explained that these flaws were due to the missing internal handler. Cisco also added that these vulnerabilities could be exploited by attackers by accessing a specific hidden URL on the interface that would possibly result in the Denial of Service (DoS) situation.

Cisco has addressed all of the four vulnerabilities and the US-CERT has advised its users and administrators to review the Cisco security advisories and should apply the updates as needed.

Tag : Breach-vulnerability patch
FAQ
Q
What is Cisco OSPF?
A
Routers connect networks using the Internet Protocol (IP), and OSPF (Open Shortest Path First) is a router protocol used to find the best path for packets as they pass through a set of connected networks.
Q
How does OSPF work Cisco?
A
OSPF offers a very distinguishable feature named: Routing Areas. It means dividing routers inside a single autonomous system running OSPF, into areas where each area consists of a group of connected routers.
Q
How does OSPF determine cost in Cisco?
A
OSPF uses a reference bandwidth of 100 Mbps for cost calculation. The formula to calculate the cost is reference bandwidth divided by interface bandwidth.
Q
What are other vulnerabilities available in Cisco releases?
A
Cisco also added that these vulnerabilities could be exploited by attackers by accessing a specific hidden URL on the interface that would possibly result in the Denial of Service (DoS) situation.
Q
What issue resides for WME to access Cisco releases?
A
There was also a bug found in Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) software that could open doors for the remote attacker to launch Denial of Service attacks.