Cisco Updates
Warning Date: 19 November, 2020
Severity Level: High
Warning Number: 2020-2094
Target Sector: All
Description:
Cisco has released security updates to address several vulnerabilities in the following products:
- Cisco Webex Meetings
- Cisco IMC
  - 5000 Series Enterprise Network Compute System (ENCS) Platforms
  - UCS C-Series Rack Servers in standalone mode
  - UCS E-Series Servers
  - UCS S-Series Servers in standalone mode
- Cisco DNA Spaces Connector software
  - Release 2.2 and prior
- Cisco IoT FND
  - Releases earlier than Release 4.6.1
- Cisco AsyncOS for the Secure Web Appliance, both virtual and hardware appliances
- Cisco Telepresence CE Software
- Cisco RoomOS Software
- Cisco Expressway Series
- Cisco TelePresence Video Communication Server (VCS)
  - Running a software release earlier than Release X12.6.3
Threats:
An attacker could exploit these vulnerabilities to do the following:
- Join a Webex meeting as a "ghost user", invisible to others on the participant list, but with full access to audio, video, chats, and screen sharing.
- Remain in a Webex meeting as a ghost audio user even after being expelled from it.
- Obtain information on meeting participants, such as full names, email addresses, and IP addresses. This information could also be obtained from the meeting room lobby, even before the attacker was admitted to a call.
- Execute code with root privileges
- Escalate privileges to root
- Inject code with root privileges
- Conduct cross-site scripting (XSS) attacks
- Exploit improper input validation
- Obtain sensitive information
Best Practices and Recommendations:
Cisco Webex Meetings:
- Cloud-Based Services
  - No user action is required
- On-Premises Software
  - The CERT team encourages users to review the following Cisco security advisories:
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-meetings-xss-MX56prER
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-infodisc-4tvQzn4
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-info-leak-PhpzB3sG
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-auth-token-3vg57A5r
To update the affected versions for the rest of the products, please check the details below:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-api-rce-UXwpeDHd
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dna-cmd-injection-rrAYzOwc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-BCK-GHkPNZ5F
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-prv-esc-nPzWZrQj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-AUTH-vEypBmmR
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-APIA-xZntFS2V
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tp-uathracc-jWNESUfM
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-XSS-NzOPCGEc
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-UPWD-dCRPuQ78
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-SSI-V2myWX9y
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-SQL-zEkBnL2h
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-PWH-yCA6M7p
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-OVW-SHzOE3Pd
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-FND-LV-hE4Rntet
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-Expressway-8J3yZ7hV