Cisco releases a batch of patches for security vulnerabilities in numerous products including Cisco Small Business routers
While for many people September 7 meant finding out about the latest iPhone and Apple Watch, for Cisco it was the day on which it pushed out security patches for various medium- and high-severity vulnerabilities.
The company posted a series of advisory notices in its security center and released four patches for a variety of flaws. The patches address the high-severity CVE-2022-20696, a vulnerability in the binding configuration of Cisco SD-WAN vManage Software, as well as CVE-2022-28199, a flaw in the NVIDIA Data Plane Development Kit. There are also patches for two medium-severity flaws -- CVE-2022-20863, a vulnerability in the messaging interface of Cisco Webex App, and CVE-2022-2092, a vulnerability in the IPSec VPN Server authentication functionality of several Cisco Small Business routers.
The most severe vulnerability is the one recently discovered by NVIDIA, relating to the NVIDIA Data Plane Development Kit (MLNX_DPDK). Cisco says that this security flaw affects various products including Cisco Catalyst 8000V Edge Software and Secure Firewall Threat Defense Virtual (formerly FTDv). More information is available here and here.
The second high-severity flaw is a vulnerability in the binding configuration of Cisco SD-WAN vManage Software containers that could allow an unauthenticated, adjacent attacker who has access to the VPN0 logical network to also access the messaging service ports on an affected system. More information is available here.
The company also warned about what it describes as a "configuration issue" in the Splash Page feature (or Captive Portal) in Cisco Meraki MR Series devices. An advisory reads:
A configuration option for the Splash Page feature (also known as Captive Portal) in Cisco Meraki MR Series devices may allow an administrator to configure an 802.11 WLAN in which traffic policies are not applied to clients that are connecting to the network.
The insecure configuration is determined when an administrator configures a WLAN with Splash Page access control and Captive Portal strength is set to Allow non-HTTP traffic prior to sign-on.
While this setup is intended to provide wireless clients with connectivity before they interact with the Splash Page, traffic policies are applied only after the sign on is completed. A malicious user could take advantage of this insecure configuration to circumvent network policies such as firewall rules, content filtering, and traffic shaping that is configured to restrict traffic within the impacted WLAN.
Cisco Meraki does not consider this to be a vulnerability in Cisco Meraki MR Software or in the Splash Page feature. It is considered a configuration issue.
You can see the full listing of Cisco security advisories here.
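As an added example (not from Cisco's advisory or the original article), the following Python check flags the WLAN configuration the Meraki advisory describes: an enabled SSID with a Splash Page whose Captive Portal strength allows non-HTTP traffic before sign-on. The field names `splashPage` and `blockAllTrafficBeforeSignOn` are assumptions modeled on Meraki Dashboard API v1 SSID and splash-settings responses, and the sample data is constructed; confirm both against your own export.

```python
# Constructed sample data shaped like an SSID list and per-SSID splash settings.
# Field names are assumptions modeled on Meraki Dashboard API v1 responses.
SAMPLE_SSIDS = [
    {"number": 0, "name": "Corp", "enabled": True, "splashPage": "None"},
    {"number": 1, "name": "Guest", "enabled": True,
     "splashPage": "Click-through splash page"},
    {"number": 2, "name": "Lobby", "enabled": True,
     "splashPage": "Click-through splash page"},
    {"number": 3, "name": "Old-Guest", "enabled": False,
     "splashPage": "Click-through splash page"},
    {"number": 4, "name": "Events", "enabled": True,
     "splashPage": "Click-through splash page"},
]
SAMPLE_SPLASH = {
    1: {"blockAllTrafficBeforeSignOn": False},  # non-HTTP allowed before sign-on
    2: {"blockAllTrafficBeforeSignOn": True},   # all traffic blocked until sign-on
    3: {"blockAllTrafficBeforeSignOn": False},  # SSID disabled, so not in scope
    # SSID 4 has no settings record: reported as UNKNOWN, not assumed safe
}


def audit_splash(ssids, splash_settings):
    """Return (number, name, status) for each enabled splash-page SSID that
    allows non-HTTP traffic before sign-on (EXPOSED) or whose setting is
    missing from the export (UNKNOWN)."""
    findings = []
    for ssid in ssids:
        if not ssid.get("enabled"):
            continue  # disabled SSIDs serve no clients
        if ssid.get("splashPage", "None") == "None":
            continue  # no Splash Page, so the advisory does not apply
        settings = splash_settings.get(ssid["number"])
        if settings is None or "blockAllTrafficBeforeSignOn" not in settings:
            status = "UNKNOWN"
        elif settings["blockAllTrafficBeforeSignOn"]:
            continue  # traffic policies cannot be bypassed before sign-on
        else:
            status = "EXPOSED"
        findings.append((ssid["number"], ssid["name"], status))
    return findings


if __name__ == "__main__":
    for number, name, status in audit_splash(SAMPLE_SSIDS, SAMPLE_SPLASH):
        print(f"SSID {number} ({name}): {status}")
```

SSIDs reported as UNKNOWN should be checked by hand in the dashboard rather than treated as compliant.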