Skip to main content

Cisco Releases Security Advisories for Multiple Products

Advisories address vulnerabilities in Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points, Nexus Dashboard Fabric Controller, and Enterprise Chat and Email

Threat ID:
CC-4570
Threat Severity:
Medium
Published:
7 November 2024 4:16 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Advisories address vulnerabilities in Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points, Nexus Dashboard Fabric Controller, and Enterprise Chat and Email

The following platforms are also known to be affected:

Multiple other products are affected. Please see advisories below.

Threat details

Introduction

Cisco has released 15 security advisories addressing multiple vulnerabilities, including one critical and two high severity vulnerabilities affecting various products.

The critical vulnerability affects Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point, a software that uses wireless backhaul technology to connect appliances. The vulnerability enables command injection, which could allow an attacker to execute arbitrary commands with root privileges on the underlying operating system. 

Two high severity vulnerabilities affect Cisco Enterprise Chat and Email, which offers a blended agent for handling of web chat, email and voice interactions, and Cisco Nexus Dashboard Fabric Controller, Cisco's network management platform for all Nexus Operating System enabled deployments. The vulnerabilities could allow an attacker to conduct a denial-of-service (DoS) attack, and read, modify, or delete arbitrary data on an internal database via an SQL injection. 

Additionally, 12 medium severity advisories are outlined below.

Remediation advice

Affected organisations are encouraged to review Cisco's security advisories.

Remediation steps

Type Step
Patch

Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability | cisco-sa-backhaul-ap-cmdinj-R7E28Ecs


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs
Patch

Cisco Nexus Dashboard Fabric Controller SQL Injection Vulnerability | cisco-sa-ndfc-sqli-CyPPAxrL


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL
Patch

Cisco Enterprise Chat and Email Denial of Service Vulnerability | cisco-sa-ece-dos-Oqb9uFEv


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-Oqb9uFEv
Patch

Cisco Identity Services Engine Vulnerabilities | cisco-sa-ise-multi-vulns-AF544ED5)


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5
Patch

Cisco Identity Services Engine Vulnerabilities | cisco-sa-ise-multi-vuln-DBQdWRy


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy
Patch

Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities | cisco-sa-ise-auth-bypass-BBRf7mkE


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE
Patch

Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability | cisco-sa-imp-inf-disc-cUPKuA5n


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inf-disc-cUPKuA5n
Patch

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerability | cisco-sa-esa-wsa-sma-xss-zYm3f49n


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n
Patch

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability | cisco-sa-epnmpi-sxss-yyf2zkXs


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-yyf2zkXs
Patch

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability | cisco-sa-cucm-xss-SVCkMMW


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-SVCkMMW
Patch

Cisco Meeting Management Information Disclosure Vulnerability | cisco-sa-cmm-info-disc-9ZEMAhGA


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-info-disc-9ZEMAhGA
Patch

Cisco Unified Contact Center Management Portal Stored Cross-Site Scripting Vulnerability | cisco-sa-ccmp-sxss-qBTDBZDD


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccmp-sxss-qBTDBZDD
Patch

Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability | cisco-sa-3550-acl-bypass-mhskZc2q


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q
Patch

Cisco 7800, 8800, and 9800 Series Phones Information Disclosure Vulnerability | cisco-sa-phone-infodisc-sbyqQVbG


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG
Patch

Cisco 6800, 7800, 8800, and 9800 Series Phones with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities | cisco-sa-mpp-xss-8tAV2TvF


https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF

CVE Vulnerabilities

Status Published

CVE-2024-20418

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system. This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.
Status Published

CVE-2024-20536

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a specific REST API endpoint or web-based management interface. A successful exploit could allow the attacker to read, modify, or delete arbitrary data on an internal database, which could affect the availability of the device.
Status Published

CVE-2024-20484

A vulnerability in the External Agent Assignment Service (EAAS) feature of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of Media Routing Peripheral Interface Manager (MR PIM) traffic that is received by an affected device. An attacker could exploit this vulnerability by sending crafted MR PIM traffic to an affected device. A successful exploit could allow the attacker to trigger a failure on the MR PIM connection between Cisco ECE and Cisco Unified Contact Center Enterprise (CCE), leading to a DoS condition on EAAS that would prevent customers from starting chat, callback, or delayed callback sessions. Note: When the attack traffic stops, the EAAS process must be manually restarted to restore normal operation. To restart the process in the System Console, choose Shared Resources > Services > Unified CCE > EAAS, then click Start.

Last edited: 7 November 2024 4:16 pm