The Latest in IT Security

Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug

04
Aug
2017

cisco-fixes-dos-authentication-bypass-vulnerabilities-ospf-bug

Cisco fixed 15 vulnerabilities this week in more than a dozen products, including two high severity vulnerabilities that could have let an attacker trigger a denial of service condition or bypass local authentication.

The more severe bugs fixed on Wednesday exist in the company’s Identity Services Engine and its Videoscape Distribution Suite. The bypass, which exists in ISE, a network administration product, stems from the improper handling of authentication requests and policy assignment. If an attacker wanted to exploit the vulnerability they could authenticate with a valid external user account that matches an internal username and incorrectly receive the authorization policy of the internal account. If successful the exploit would grant the attacker Super Admin privileges for the engine’s admin portal, Cisco said.

Read More

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments