Apache Struts remote code execution vulnerability that is existence exploited inwards the wild.
Out of the balance 29 vulnerabilities, 14 are rated high as well as xv medium inwards severity, addressing safety flaws inwards Cisco Routers, Cisco Webex, Cisco Umbrella, Cisco SD-WAN Solution, Cisco Cloud Services Platform, Cisco Data Center Network, as well as to a greater extent than products.
The 3 critical safety vulnerabilities patched past times Cisco address issues inwards Apache Struts, Cisco Umbrella API, as well as Cisco RV110W, RV130W as well as RV215W router's administration interface.
The vulnerability, reported belatedly final calendar month past times Semmle safety researcher Man Yue Mo, resides inwards the essence of Apache Struts as well as originates due to insufficient validation of user-provided untrusted inputs inwards the essence of the Struts framework nether for certain configurations.
All applications that usage Apache Struts—supported versions (Struts 2.3 to Struts 2.3.34, as well as Struts 2.5 to Struts 2.5.16) as well as fifty-fifty about unsupported Apache Struts versions—are potentially vulnerable to this flaw, fifty-fifty when no additional plugins receive got been enabled.
Apache Struts patched the vulnerability alongside the unloosen of Struts versions 2.3.35 as well as 2.5.17 final month. Now, Cisco has also released fixes to address the number inwards its several products. You tin depository fiscal establishment agree the listing of vulnerable Cisco products here.
Since at that spot are no workarounds for this issue, organizations as well as developers are strongly advised to update their Struts components equally presently equally possible.
The minute critical vulnerability patched past times Cisco resides inwards the Cisco Umbrella API that could permit an authenticated, remote assailant to persuasion as well as modification information across their arrangement equally good equally other organizations.
Cisco Umbrella is a cloud safety platform that provides the get-go business of defence against threats over all ports as well as protocols past times blocking access to malicious domains, URLs, IPs, as well as files earlier a connection is always established or a file is downloaded.
The vulnerability resides due to insufficient authentication configurations for the API interface of Cisco Umbrella, as well as successful exploitation could permit an assailant to read or modification information across multiple organizations.
Cisco has patched the vulnerability addressed this vulnerability inwards the Cisco Umbrella production APIs. No user activity is required.
The last, simply non the least, critical vulnerability resides inwards the web-based administration interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, as well as Cisco RV215W Wireless-N VPN Router that could permit an unauthenticated, remote assailant to execute arbitrary code or drive a DoS condition.
The flaw occurs due to improper boundary restrictions on user-supplied input inwards the Guest user characteristic of the web-based administration interface.
To exploit this vulnerability, an assailant tin post malicious requests to a targeted device, triggering a buffer overflow condition.
This vulnerability affects all releases of Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, as well as RV215W Wireless-N VPN Router.
Cisco has addressed this vulnerability inwards firmware unloosen 1.0.3.44 for the Cisco RV130W Wireless-N Multifunction VPN Router, as well as volition non unloosen firmware updates for the Cisco RV110W Wireless-N VPN Firewall as well as Cisco RV215W Wireless-N VPN Router.
According to the company's Product Security Incident Response Team (PSIRT), Apache Struts is existence exploited inwards the wild, piece the squad is non aware of whatever exploits leveraging the other 2 critical flaws.
The Bottom Line: Patch! Patch! Patch!
Out of the balance 29 vulnerabilities, 14 are rated high as well as xv medium inwards severity, addressing safety flaws inwards Cisco Routers, Cisco Webex, Cisco Umbrella, Cisco SD-WAN Solution, Cisco Cloud Services Platform, Cisco Data Center Network, as well as to a greater extent than products.
The 3 critical safety vulnerabilities patched past times Cisco address issues inwards Apache Struts, Cisco Umbrella API, as well as Cisco RV110W, RV130W as well as RV215W router's administration interface.
Apache Struts Remote Code Execution Vulnerability (CVE-2018-11776)
The vulnerability, reported belatedly final calendar month past times Semmle safety researcher Man Yue Mo, resides inwards the essence of Apache Struts as well as originates due to insufficient validation of user-provided untrusted inputs inwards the essence of the Struts framework nether for certain configurations.
"The vulnerability exists because the affected software insufficiently validates user-supplied input, allowing the usage of results alongside no namespace value as well as the usage of url tags alongside no value or action," Cisco explains inwards its advisory.
"In cases where upper actions or configurations also receive got no namespace or a wildcard namespace, an assailant could exploit this vulnerability past times sending a asking that submits malicious input to the affected application for processing."An unauthenticated, remote assailant tin trigger the vulnerability past times tricking victims to take in a particularly crafted URL on the affected spider web server, allowing the assailant to execute malicious code as well as eventually accept consummate command over the targeted server running the vulnerable application.
All applications that usage Apache Struts—supported versions (Struts 2.3 to Struts 2.3.34, as well as Struts 2.5 to Struts 2.5.16) as well as fifty-fifty about unsupported Apache Struts versions—are potentially vulnerable to this flaw, fifty-fifty when no additional plugins receive got been enabled.
Apache Struts patched the vulnerability alongside the unloosen of Struts versions 2.3.35 as well as 2.5.17 final month. Now, Cisco has also released fixes to address the number inwards its several products. You tin depository fiscal establishment agree the listing of vulnerable Cisco products here.
Advertiser
Since at that spot are no workarounds for this issue, organizations as well as developers are strongly advised to update their Struts components equally presently equally possible.
Cisco Umbrella API Unauthorized Access Vulnerability (CVE-2018-0435)
The minute critical vulnerability patched past times Cisco resides inwards the Cisco Umbrella API that could permit an authenticated, remote assailant to persuasion as well as modification information across their arrangement equally good equally other organizations.
Cisco Umbrella is a cloud safety platform that provides the get-go business of defence against threats over all ports as well as protocols past times blocking access to malicious domains, URLs, IPs, as well as files earlier a connection is always established or a file is downloaded.
The vulnerability resides due to insufficient authentication configurations for the API interface of Cisco Umbrella, as well as successful exploitation could permit an assailant to read or modification information across multiple organizations.
Cisco has patched the vulnerability addressed this vulnerability inwards the Cisco Umbrella production APIs. No user activity is required.
Cisco Routers Management Interface Buffer Overflow Vulnerability (CVE-2018-0423)
The last, simply non the least, critical vulnerability resides inwards the web-based administration interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, as well as Cisco RV215W Wireless-N VPN Router that could permit an unauthenticated, remote assailant to execute arbitrary code or drive a DoS condition.
The flaw occurs due to improper boundary restrictions on user-supplied input inwards the Guest user characteristic of the web-based administration interface.
To exploit this vulnerability, an assailant tin post malicious requests to a targeted device, triggering a buffer overflow condition.
"A successful exploit could permit the assailant to drive the device to halt responding, resulting inwards a denial of service condition, or could permit the assailant to execute arbitrary code," the fellowship explains.
This vulnerability affects all releases of Cisco RV110W Wireless-N VPN Firewall, RV130W Wireless-N Multifunction VPN Router, as well as RV215W Wireless-N VPN Router.
Cisco has addressed this vulnerability inwards firmware unloosen 1.0.3.44 for the Cisco RV130W Wireless-N Multifunction VPN Router, as well as volition non unloosen firmware updates for the Cisco RV110W Wireless-N VPN Firewall as well as Cisco RV215W Wireless-N VPN Router.
According to the company's Product Security Incident Response Team (PSIRT), Apache Struts is existence exploited inwards the wild, piece the squad is non aware of whatever exploits leveraging the other 2 critical flaws.
The Bottom Line: Patch! Patch! Patch!