Official website of NIC-CERT(Computer Emergency Response Team)

NIC-CERT/2018-05/042
Dated: 03-05-2018
CVE IDs: Multiple
Severity: Critical & Medium

 

                                        Advisory on Vulnerabilities in Cisco Multiple Products

A. Description

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

 

Affected Products

The following table gives the list of products affected, CVE IDs and overview of vulnerabilities that have been fixed in the new Software Updates.

 

 

Name of Vulnerability

CVE ID

Affected Products

 

 

 

Cisco WebEx Advanced Recording Format Remote Code Execution Vulnerability

 

 

 

CVE-2018-0264

This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players.

 

The following client builds of Cisco WebEx Business Suite (WBS31 and WBS32), Cisco WebEx Meetings, and Cisco WebEx Meetings Server are affected by the vulnerability described in this advisory:

 

·  Cisco WebEx Business Suite (WBS31) client builds prior to T31.23.4

·  Cisco WebEx Business Suite (WBS32) client builds prior to T32.12

·  Cisco WebEx Meetings with client builds prior to T32.12

·  Cisco WebEx Meeting Server builds prior to 3.0 Patch 1

Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability

 

      CVE-2018-0258

·  Cisco Prime Data Center Network Manager (DCNM) - Version 10.0 and later

·  Cisco Prime Infrastructure (PI) - All versions

 

Cisco Secure Access Control System Remote Code Execution Vulnerability

 

       CVE-2018-0253

This vulnerability affects all releases of Cisco Secure ACS prior to Release 5.8 Patch 7.

 

 

 

Cisco WebEx Clients Remote Code Execution Vulnerability

 

 

 

       CVE-2018-0112

This vulnerability affects clients that are installed by customers when accessing a WebEx meeting. The following client builds of Cisco WebEx Business Suite (WBS30, WBS31, and WBS32), Cisco WebEx Meetings, and Cisco WebEx Meetings Server are impacted by the vulnerability described in this advisory:

·  Cisco WebEx Business Suite (WBS31) client builds prior to T31.23.2

·  Cisco WebEx Business Suite (WBS32) client builds prior to T32.10

·  Cisco WebEx Meetings with client builds prior to T32.10

·  Cisco WebEx Meetings Server builds prior to 2.8 MR2

 

Cisco Wireless LAN Controller 802.11 Management Frame Denial of Service Vulnerability

 

     CVE-2018-0235

 

This vulnerability affects only Cisco Wireless LAN Controllers that are running Cisco Mobility Express Release 8.5.103.0.

 

 Cisco Wireless LAN Controller IP Fragment Reassembly Denial of Service Vulnerability

    

      CVE-2018-0252

 

This vulnerability affects all releases of 8.4 until the first fixed release for the 5500 and 8500 Series Wireless LAN Controllers and releases 8.5.103.0 and 8.5.105.0 for the 3500, 5500, and 8500 Series Wireless LAN Controllers.

 

Cisco Meeting Server Remote Code Execution Vulnerability

 

    CVE-2018-0262

 

This vulnerability affects Cisco Meeting Server (CMS) Acano X-series platforms that are running a CMS Software release prior to 2.2.11.

Cisco Aironet 1810, 1830, and 1850 Series Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability

 

    CVE-2018-0234

This vulnerability affects Cisco Aironet 1810, 1830, and 1850 Series Access Points that are running Cisco Mobility Express Software Release 8.4.100.0, 8.5.103.0, or 8.5.105.0 and are configured as a master, subordinate, or standalone access point.

Cisco Aironet 1800, 2800, and 3800 Series Access Points Secure Shell Privilege Escalation Vulnerability

 

 

    CVE-2018-0226

This vulnerability affects the following Cisco products:

·  Aironet 1800 Series Access Points that are running Cisco Mobility Express Software Releases 8.2.121.0 through 8.5.105.0

·  Aironet 2800 Series Access Points that are running Cisco Mobility Express Software Releases 8.3.102.0 through 8.5.105.0

·  Aironet 3800 Series Access Points that are running Cisco Mobility Express Software Releases 8.3.102.0 through 8.5.105.0

 

Cisco IOS, IOS XE, and IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities

 

     CVE-2018-0167
     CVE-2018-0175

These vulnerabilities affect Cisco devices that are running a vulnerable release of Cisco IOS Software, Cisco IOS XE Software, or Cisco IOS XR Software and are configured to use LLDP. The default state of the LLDP feature is platform- and release-dependent.

 

Cisco Aironet 1800 Series Access Point 802.11 Denial of Service Vulnerability

 

      CVE-2018-0249

This vulnerability affects the following Cisco products:

·       Aironet 1560 Series Access Points

·       Aironet 1810 Series OfficeExtend Access Points

·       Aironet 1810w Series Access Points

·       Aironet 1815 Series Access Points

·       Aironet 1830 Series Access Points

·       Aironet 1850 Series Access Points

 

Cisco 5500 and 8500 Series Wireless LAN Controller Information Disclosure Vulnerability

 

 

   CVE-2018-0245

 

 

This vulnerability affects Cisco Wireless LAN Controller Software.

 

Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability

      

       CVE-2018-0287

 

This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players.

 

Cisco WebEx Recording Format Player Information Disclosure Vulnerability

 

       CVE-2018-0288

This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players.

 

 

Cisco Prime Service Catalog User Interface Denial of Service Vulnerability

 

    CVE-2018-0285

 

 

This vulnerability affects Cisco Prime Service Catalog.

Cisco IOS XR Software netconf Denial of Service Vulnerability

     CVE-2018-0286

This vulnerability affects Cisco IOS XR Software.

Cisco Firepower System Software Transport Layer Security Extensions Denial of Service Vulnerability

 

     CVE-2018-0281

This vulnerability affects Cisco Firepower System Software.

Cisco Firepower System Software Cross-Origin Domain Protection Vulnerability

    

     CVE-2018-0278

This vulnerability affects Cisco Firepower System Software.

 

Cisco Firepower System Software Transport Layer Security Denial of Service Vulnerability

 

     CVE-2018-0283

This vulnerability affects Cisco Firepower System Software

 

 

Cisco Aironet Access Points Central Web Authentication FlexConnect Client ACL Bypass Vulnerability

        

 

     CVE-2018-0250

This vulnerability affects the following Cisco products if they are running a vulnerable release of Central Web Authentication with FlexConnect Access Points Software:

·         Aironet 1560 Series Access Points

·         Aironet 1810 Series OfficeExtend Access Points

·         Aironet 1810w Series Access Points

·         Aironet 1815 Series Access Points

·         Aironet 1830 Series Access Points

·         Aironet 1850 Series Access Points

·         Aironet 2800 Series Access Points

·         Aironet 3800 Series Access Points

 

 

Cisco Wireless LAN Controller and Aironet Access Points IOS WebAuth Client Authentication Bypass Vulnerability

        

 

 

     CVE-2018-0247

At the time of publication, this vulnerability affected Cisco Aironet Access Points running Cisco IOS Software and Cisco Wireless LAN Controller (WLC) releases prior to 8.5.110.0 for the following specific WLC configuration only:

 

·  The Access Point (AP) is configured in FlexConnect Mode with NAT.

·  The WLAN is configured for central switching, meaning the client is being assigned a unique IP address.

·  The AP is configured with a Split Tunnel access control list (ACL) for access to local network resources, meaning the AP is doing the NAT on the connection.

This vulnerability does not apply to .1x clients in the same configuration.

 

Affected users are requested to refer to the following links provided in the “Reference” section and select the appropriate advisory to download the patches or recommended workarounds.

 

 C.  References:

 

NIC-CERT Knowledge Management Repository