June 24, 2019

Cisco Releases Details of Vulnerability in Cisco TelePresence Recording Server Software

(LiveHacking.Com) — Cisco has released a security advisory and a corresponding applied mitigation bulletin to address vulnerabilities in the Cisco TelePresence Recording Server Software Release. Cisco TelePresence is an in-person communication and collaboration tool.

According to Cisco, Version of its TelePresence Recording Server Software includes a root administrator account that is enabled by default. Successful exploitation of this vulnerability could allow a remote attacker to log in over SSH with these default credentials and modify the system configuration and settings.

Cisco’s workaround involves the use of infrastructure access control lists (iACLs) to perform policy enforcement of traffic sent to the equipment. Administrators can construct an iACL to explicitly allow only authorized traffic to be sent to the infrastructure devices. However, Cisco points out that the iACL workaround cannot provide complete protection against this vulnerability when the attack originates from a trusted source address.
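As an added illustration of the iACL workaround described above (this is example configuration written for this article, not taken from Cisco's advisory or mitigation bulletin), the fragment below restricts SSH to the recording server so that only a management subnet may reach it, logs everything else that tries, and applies the list inbound on the router interface facing untrusted networks. The addresses (192.0.2.0/24 as the management network, 198.51.100.10 as the recording server) and the interface name are constructed placeholders.

```cisco
! Example iACL (constructed addresses, not from the advisory)
ip access-list extended INFRA-ACL
 remark Allow SSH to the recording server only from the management network
 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq 22
 remark Drop and log every other SSH attempt aimed at the server
 deny tcp any host 198.51.100.10 eq 22 log
 remark Remaining traffic is left as-is here; tighten to the services actually needed
 permit ip any any
!
! Apply inbound on the interface that faces untrusted networks (placeholder name)
interface GigabitEthernet0/1
 ip access-group INFRA-ACL in
```

The `log` keyword on the deny entry gives a detection signal for blocked attempts, which is useful while the default account remains enabled. As the advisory notes, a filter keyed on source address cannot stop traffic that genuinely comes from, or is spoofed to appear from, the permitted management range, so the ACL is a stopgap until the credentials themselves are changed or the account is disabled.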

Cisco Content Delivery System Internet Streamer: Web Server Vulnerability

Cisco has issued a security advisory for its Cisco Content Delivery System (Cisco CDS). The web server component of the Cisco Internet Streamer application contains a vulnerability that can make the web server crash when processing specially crafted URLs. In response Cisco has released a patch.

An unauthenticated attacker may be able to exploit this vulnerability to cause a denial of service condition on the web server that is running on the Service Engine. The device will remain operational, and the Web Engine will restart if the attack stops.

Vulnerability in CiscoWorks Server

A Cisco bug report warns of a critical vulnerability in the LAN Management Product CiscoWorks. According to the report, a buffer overflow in the web server module of the Common Services component allows for the injection and remote execution of arbitrary code. No prior authentication is required.

Read the full story here.