Attackers can change passwords of Cisco Smart Software Manager On-Prem

Among other things, Cisco is closing a password and root security gap in SSM On-Prem and Secure Email Gateway.

Update graphic (Image: heise online)

This article was originally published in German and has been automatically translated.

Network equipment supplier Cisco is closing critical security gaps in its products. Admins should install the available patches quickly to protect their systems. Further information on vulnerable and fixed versions can be found in the advisories linked below this article.

The most dangerous is a vulnerability (CVE-2024-20419, rated "critical") with the highest possible CVSS score (10 out of 10) in the user license management software Smart Software Manager On-Prem (SSM On-Prem). Because of an error in the password-change process, unauthenticated remote attackers can exploit the vulnerability by sending crafted HTTP requests.

If an attack succeeds, the attacker gains access to the web API and UI and, according to Cisco, can change the passwords of user accounts, including administrator accounts. The developers state that only SSM On-Prem up to and including version 8-202206 is affected; version 8-202212 fixes the issue.
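One way to turn the two version numbers above into an inventory triage, as an added example that is not part of the article or of Cisco's tooling: it assumes SSM On-Prem version strings follow the "<major>-<YYYYMM>" layout of the two versions named here (an assumption, not something the article states), flags everything up to and including 8-202206 as affected, everything from 8-202212 on as fixed, and treats builds between the two as "unknown" so they are checked against the advisory rather than silently passed. Hostnames and versions in the sample inventory are constructed.

```python
"""Triage an SSM On-Prem inventory against the versions named in the article.

Added example, not Cisco or heise code. Assumes version strings have the
shape "<major>-<YYYYMM>" like the two versions the article names; that
layout is an assumption made for this example.
"""
import re

AFFECTED_UP_TO = "8-202206"   # last affected version per the article
FIXED_FROM = "8-202212"       # first fixed version per the article

_VERSION_RE = re.compile(r"^(\d+)-(\d{6})$")


def parse_version(version: str) -> tuple[int, int]:
    """Turn '8-202206' into (8, 202206); raise ValueError on any other shape."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised SSM On-Prem version string: {version!r}")
    return int(m.group(1)), int(m.group(2))


def classify(version: str) -> str:
    """Return 'affected', 'fixed', 'unknown' (between the named versions) or 'unparseable'."""
    try:
        v = parse_version(version)
    except ValueError:
        return "unparseable"
    if v <= parse_version(AFFECTED_UP_TO):
        return "affected"
    if v >= parse_version(FIXED_FROM):
        return "fixed"
    # Builds between the last affected and the first fixed release are not
    # covered by the article's statement, so they must be checked against
    # the vendor advisory rather than assumed safe.
    return "unknown"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group hosts by classification so the 'affected' list can be patched first."""
    groups: dict[str, list[str]] = {
        "affected": [], "unknown": [], "unparseable": [], "fixed": [],
    }
    for host, version in inventory.items():
        groups[classify(version)].append(host)
    for hosts in groups.values():
        hosts.sort()
    return groups


# Constructed sample inventory: hostnames and versions are made up for this example.
SAMPLE_INVENTORY = {
    "ssm-lab-01": "8-202206",
    "ssm-prod-01": "8-202212",
    "ssm-prod-02": "8-202112",
    "ssm-dev-01": "8-202209",
    "ssm-old-01": "7-202301",
    "ssm-test-01": "unknown build",
}

if __name__ == "__main__":
    for group, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{group:12s} {', '.join(hosts) or '-'}")
```

The "unparseable" bucket matters as much as "affected": a host whose version cannot be read is one nobody has looked at, and it should not disappear from the patch list just because the string did not match.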

The second "critical" vulnerability (CVE-2024-20401) affects Secure Email Gateway. Because scanning of email attachments does not work reliably even with content filters enabled, unauthenticated remote attackers can send attachments prepared with malicious code. If this succeeds, they can replace arbitrary files in the underlying file system and, among other things, create user accounts with root privileges.

Expressway, Identity Services Engine, Intelligent Node Software, Secure Web Appliance, VPN routers and Webex are also vulnerable. Among other things, attackers can break into TLS traffic on these products using a hard-coded key. The majority of the vulnerabilities are classified with a threat level of "high".

List sorted by threat level in descending order:

(des)