Сisсо Сhаnnеl

The second edition of Cisco's AI Readiness Index, a double-blind survey of almost 8000 leaders who work with AI, measures the readiness of global companies to adapt, deploy and fully leverage the power of AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco 2024 AI Readiness Index
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-2024-ai-readiness-index.html?source=rss

Cisco's 2024 AI Readiness Index: Urgency Rises, Readiness Falls
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-2024-ai-readiness-index-urgency-rises-readiness-falls.html?source=rss

The report explores how prepared organizations are to invest in, deploy and use AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

True Videos is back!

Join today for Politics, News, Memes, War videos and more!

Join here > @TVids

Global gaming and entertainment company MGM Resorts International signs a Whole Portfolio Agreement with Cisco to deliver next-generation guest experiences.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco and MGM Resorts International Sign Multi-Year Agreement
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-and-mgm-resorts-international-sign-multi-year-agreement.html?source=rss

🤙Cisco community channel and group:
@Cisco
@CiscoChat

💥Other Cisco related Channels and groups:
@ciscoAcademy
@spotociscoclub

Qubes OS Community Channel and group:
@QubesOS
@QubesChat

Off topic chats:
@PublicChatrooms

Games:
@hamstEr_kombat_bot
@CatizenBot

Other Channels:
@telemojis
@TheTGTimes
@TVids - True Videos

▪️▫️▪️▫️▪️▫️▪️▫️▪️▫️▪️
Join @Net3A for more channels and groups.

Cisco to Participate in RBC Conference
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-to-participate-in-rbc-conference.html?source=rss

Cisco today announced that it will participate in the following event with the financial community
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

With Wi-Fi 7, the wireless revolution is poised for yet another leap forward. Here’s a look back — and forward — at some key milestones in its history.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

The innovative past and brilliant future of Wi-Fi
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/the-innovative-past-and-brilliant-future-of-wi-fi.html?source=rss

‘Going Beyond’, Cisco’s networking, security, observability, and collaboration solutions future-proof businesses against today’s challenges — and tomorrow’s.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Live Melbourne: network innovations for an AI world
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-live-melbourne-network-innovations-for-an-ai-world.html?source=rss

Cisco reported first quarter revenue of $13.8 billion, net income on a generally accepted accounting principles (GAAP) basis of $2.7 billion or $0.68 per share, and non-GAAP net income of $3.7 billion or $0.91 per share.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Reports First Quarter Earnings
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-reports-first-quarter-earnings.html?source=rss

Cisco and LTIMindtree Expand Partnership to Deliver Next-Generation Secure Access Globally
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco and LTIMindtree Expand Partnership to Deliver Next-Generation Secure Access Globally
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-and-ltimindtree-expand-partnership-to-deliver-next-generation-secure-access-globally.html?source=rss

Cisco's EVP and Chief Product Officer, Jeetu Patel, discusses the future of Wi-Fi 7 and how It's not just about faster speeds—it's about smarter, more secure, and adaptable networks.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

The future of work is here with Wi-Fi 7
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/the-future-of-work-is-here-with-wi-fi-7.html?source=rss

Introducing zero-friction wireless for smarter workplaces
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/introducing-zero-friction-wireless-for-smarter-workplaces.html?source=rss

As AI reshapes technology and redefines what’s possible, organizations need a network that doesn’t just keep up—but leads.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Introduces Intelligent, Secure and Assured Wi-Fi 7 to Transform Employee and Customer Experiences
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-introduces-intelligent-secure-and-assured-wi-fi-7.html?source=rss

Introducing new intelligent, secure & assured wireless innovations, with Wi-Fi 7 access points & unified licensing that can enable smart spaces out-of-the-box.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Logicalis becomes the first global partner to launch Cisco XDR as a managed service 
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/logicalis-becomes-the-first-global-partner-to-launch-cisco-xdr-as-a-managed-service.html?source=rss

Logicalis is first global partner to launch Cisco XDR as a Managed Service, offering advanced cyberattack visibility, AI automation, and threat intelligence.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Listen up!

Cisco and the OECD: Building the World's First Full Picture of Digital Well-being
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m11/cisco-oecd-digital-well-being.html?source=rss

Cisco and the OECD launch the Digital Well-being Hub to holistically study technology's impact on well-being and shape inclusive digital policies.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Pass it on!

DONALD TRUMP IS THE 47TH PRESIDENT OF THE UNITED STATES!!!!!

Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inf-disc-cUPKuA5n?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20IM%20&%20Presence%20Service%20Information%20Disclosure%20Vulnerability%26vs_k=1

A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system.
This vulnerability is due to the storage of unencrypted credentials in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to access sensitive information from the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-imp-inf-disc-cUPKuA5n

Security Impact Rating: Medium


CVE: CVE-2024-20457

Cisco 7800, 8800, and 9800 Series Phones Information Disclosure Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%207800,%208800,%20and%209800%20Series%20Phones%20Information%20Disclosure%20Vulnerability%26vs_k=1

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device.
This vulnerability is due to improper storage of sensitive information within the web UI of Session Initiation Protocol (SIP)-based phone loads. An attacker could exploit this vulnerability by browsing to the IP address of a device that has Web Access enabled. A successful exploit could allow the attacker to access sensitive information, including incoming and outgoing call records.
Note: Web Access is disabled by default.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-infodisc-sbyqQVbG


Security Impact Rating: Medium


CVE: CVE-2024-20445

Cisco Identity Services Engine Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface, perform a path traversal attack, read and delete arbitrary files on an affected device, or conduct a server-side request forgery (SSRF) attack through the device.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vuln-DBQdWRy

Security Impact Rating: Medium


CVE: CVE-2024-20525,CVE-2024-20527,CVE-2024-20528,CVE-2024-20529,CVE-2024-20530,CVE-2024-20531,CVE-2024-20532

Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Authorization%20Bypass%20and%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to conduct an authorization bypass attack and cross-site scripting (XSS) attacks against a user of the web-based management interface on an affected device.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Authorization Bypass and Cross-Site Scripting Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-BBRf7mkE

Security Impact Rating: Medium


CVE: CVE-2024-20537,CVE-2024-20538,CVE-2024-20539

Cisco Identity Services Engine Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to either bypass the authorization mechanisms or conduct a cross-site scripting (XSS) attack.
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Identity Services Engine Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5

Security Impact Rating: Medium


CVE: CVE-2024-20476,CVE-2024-20487

Cisco 6800, 7800, 8800, and 9800 Series Phones with Multiplatform Firmware Stored Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%206800,%207800,%208800,%20and%209800%20Series%20Phones%20with%20Multiplatform%20Firmware%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 6800, 7800, and 8800 Series, and Cisco Video Phone 8875 with Cisco Multiplatform Firmware could allow an authenticated, remote attacker to conduct stored cross-site scripting (XSS) attacks against users.
These vulnerabilities exist because the web UI of an affected device does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Note: To exploit these vulnerabilities, Web Access must be enabled on the phone and the attacker must have Admin credentials on the device. Web Access is disabled by default.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mpp-xss-8tAV2TvF

Security Impact Rating: Medium


CVE: CVE-2024-20533,CVE-2024-20534

Cisco Nexus Dashboard Fabric Controller SQL Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%20Dashboard%20Fabric%20Controller%20SQL%20Injection%20Vulnerability%26vs_k=1

A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, remote attacker with read-only privileges to execute arbitrary SQL commands on an affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a specific REST API endpoint or web-based management interface. A successful exploit could allow the attacker to read, modify, or delete arbitrary data on an internal database, which could affect the availability of the device. 

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndfc-sqli-CyPPAxrL

Security Impact Rating: High


CVE: CVE-2024-20536

Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Industrial%20Wireless%20Software%20for%20Ultra-Reliable%20Wireless%20Backhaul%20Access%20Point%20Command%20Injection%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points could allow an unauthenticated, remote attacker to perform command injection attacks with root privileges on the underlying operating system.
This vulnerability is due to improper validation of input to the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-backhaul-ap-cmdinj-R7E28Ecs

Security Impact Rating: Critical


CVE: CVE-2024-20418

Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Email%20and%20Web%20Manager,%20Secure%20Email%20Gateway,%20and%20Secure%20Web%20Appliance%20Stored%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-wsa-sma-xss-zYm3f49n


Security Impact Rating: Medium


CVE: CVE-2024-20504

Cisco Nexus 3550-F Switches Access Control List Programming Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%203550-F%20Switches%20Access%20Control%20List%20Programming%20Vulnerability%26vs_k=1

A vulnerability in the access control list (ACL) programming of Cisco Nexus 3550-F Switches could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management interface of an affected device. 
This vulnerability exists because ACL deny rules are not properly enforced at the time of device reboot. An attacker could exploit this vulnerability by attempting to send traffic to the management interface of an affected device. A successful exploit could allow the attacker to send traffic to the management interface of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3550-acl-bypass-mhskZc2q

Security Impact Rating: Medium


CVE: CVE-2024-20371

AB sits with Matt Caulfield, VP of Identity and Duo at Cisco Security, for an informative discussion on MFA, social engineering, and AI in identity security.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Talking identity security, MFA, and the vision and strategy for Cisco’s identity portfolio with Matt Caulfield
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/talking-identity-security-mfa-and-the-vision-and-strategy-for-cisco-identity-portfolio-with-matt-caulfield.html?source=rss

Learn how Cisco is moving Forward as One with AI, future-proofing workplaces, and the new Cisco 360 Partner Plan. Hear from Cisco executives and partners!
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco News Now: Partner Summit Edition
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-news-now-partner-summit-edition.html?source=rss

Cisco’s 2024 Consumer Privacy Survey reveals heightened risk awareness, support for thoughtful regulations, and insights on building trust.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

How safe is our data? Consumers want to know
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/how-safe-is-our-data-consumers-want-to-know.html?source=rss

Cisco Consumer Privacy Survey is an annual review of consumer behavior regarding privacy. It highlights the role of privacy awareness in fostering trust in AI.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

New Cisco Survey Shows Strong Relationship Between Privacy Awareness and Trust in AI
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-survey-shows-strong-relationship-between-privacy-awareness-and-trust-in-ai.html?source=rss

Power your GenAI ambitions with new Cisco AI-ready data center infrastructure
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/power-your-genai-ambitions-with-new-cisco-ai-ready-data-center-infrastructure.html?source=rss

AI may hold the keys for your organization to unlock new levels of efficiency, insight, and value creation.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco crisis response: reinstating connectivity to communities Impacted by Hurricane Helene
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-crisis-response-reinstating-connectivity-to-communities-impacted-by-hurricane-helene.html?source=rss

Cisco Crisis Response powers an inclusive future by using our people, resources, tech, and partnerships to connect and empower crisis-affected communities.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Unveils Plug-and-Play AI Solutions, Accelerating AI Adoption for the Enterprise
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Adaptive Security Appliance and Firepower Threat Defense Software AnyConnect Access Control List Bypass Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20AnyConnect%20%20Access%20Control%20List%20Bypass%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device.
These vulnerabilities are due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit these vulnerabilities by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-acl-bypass-VvnLNKqf
This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).

Security Impact Rating: Medium


CVE: CVE-2024-20297,CVE-2024-20299

Cisco News in 60 Seconds: What you need to know about WebexOne 2024
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m10/cisco-news-in-60-seconds-what-you-need-to-know-about-webexone-2024.html?source=rss

Catch up on all the latest news from WebexOne 2024. See how Cisco and Apple have come together to create immersive video experiences.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss)

Cisco Adaptive Security Appliance and Firepower Threat Defense Software VPN Web Client Services Cross-Site Scripting Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20VPN%20Web%20Client%20Services%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device.
These vulnerabilities are due to improper validation of user-supplied input to application endpoints. An attacker could exploit these vulnerabilities by persuading a user to follow a link designed to submit malicious input to the affected application. A successful exploit could allow the attacker to execute arbitrary HTML or script code in the browser in the context of the web services page. 
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-yjj7ZjVq

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).



Security Impact Rating: Medium


CVE: CVE-2024-20341,CVE-2024-20382

Cisco Secure Client Software Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Client%20Software%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of Cisco Secure Client.
This vulnerability is due to an integer underflow condition. An attacker could exploit this vulnerability by sending a crafted IKEv2 packet to an affected system. A successful exploit could allow the attacker to cause Cisco Secure Client Software to crash, resulting in a DoS condition on the client software.
Note: Cisco Secure Client Software releases 4.10 and earlier were known as Cisco AnyConnect Secure Mobility Client.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csc-dos-XvPhM3bj


Security Impact Rating: Medium


CVE: CVE-2024-20474

Cisco Adaptive Security Appliance Software SSH Server Resource Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20Software%20SSH%20Server%20Resource%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the SSH server of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for the SSH server of an affected device.
This vulnerability is due to a logic error when an SSH session is established. An attacker could exploit this vulnerability by sending crafted SSH messages to an affected device. A successful exploit could allow the attacker to exhaust available SSH resources on the affected device so that new SSH connections to the device are denied, resulting in a DoS condition. Existing SSH connections to the device would continue to function normally. The device must be rebooted manually to recover. However, user traffic would not be impacted and could be managed using a remote application such as Cisco Adaptive Security Device Manager (ASDM).

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ssh-dos-eEDWu5RM

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20526

Cisco Firepower Threat Defense Software for Firepower 2100 Series TLS Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Firepower%202100%20Series%20TLS%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to an issue that occurs when TLS traffic is processed. An attacker could exploit this vulnerability by sending certain TLS traffic over IPv4 through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition and impacting traffic to and through the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-dos-QXYE5Ufy

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20339

Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20Vulnerability%20Database%20with%20Snort%20Detection%20Engine%20Security%20Policy%20Bypass%20and%20Denial%20of%20Service%20Issue%26vs_k=1

An issue with a Cisco Vulnerability Database (VDB) release for Cisco Firepower Threat Defense (FTD) Software could cause the Snort detection engine to restart unexpectedly when inspecting traffic. While the Snort detection engine is restarting, traffic could bypass Snort inspection or be dropped, depending on the device configuration. For more information, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Firepower Threat Defense Software Vulnerability Database with Snort Detection Engine Security Policy Bypass and Denial of Service Issue%26vs_k=1#details) section of this advisory.
The Snort 2 and Snort 3 detection engines are both affected. The Snort detection engine will restart automatically. No manual intervention is required.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-vdb-snort-djj4cnbR

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Informational

Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Appliances TCP UDP Snort 2 and Snort 3 Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Cisco%20Firepower%202100%20Series%20Appliances%20TCP%20UDP%20Snort%202%20and%20Snort%203%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly.
This vulnerability is due to improper memory management when the Snort detection engine processes specific TCP or UDP packets. An attacker could exploit this vulnerability by sending crafted TCP or UDP packets through a device that is inspecting traffic using the Snort detection engine. A successful exploit could allow the attacker to restart the Snort detection engine repeatedly, which could cause a denial of service (DoS) condition. The DoS condition impacts only the traffic through the device that is examined by the Snort detection engine. The device can still be managed over the network.
Note: Once a memory block is corrupted, it cannot be cleared until the Cisco Firepower 2100 Series Appliance is manually reloaded. This means that the Snort detection engine could crash repeatedly, causing traffic that is processed by the Snort detection engine to be dropped until the device is manually reloaded.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd2100-snort-dos-M9HuMt75

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20330

Cisco Firepower Threat Defense Software and Cisco FirePOWER Services TCP/IP Traffic with Snort 2 and Snort 3 Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20and%20Cisco%20FirePOWER%20Services%20TCP/IP%20Traffic%20with%20Snort%202%20and%20Snort%203%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TCP/IP traffic handling function of the Snort Detection Engine of Cisco Firepower Threat Defense (FTD) Software and Cisco FirePOWER Services could allow an unauthenticated, remote attacker to cause legitimate network traffic to be dropped, resulting in a denial of service (DoS) condition.
This vulnerability is due to the improper handling of TCP/IP network traffic. An attacker could exploit this vulnerability by sending a large amount of TCP/IP network traffic through the affected device. A successful exploit could allow the attacker to cause the Cisco FTD device to drop network traffic, resulting in a DoS condition. The affected device must be rebooted to resolve the DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort-fw-BCJTZPMu

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20351

Cisco Firepower Threat Defense Software TCP Snort 3 Detection Engine Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20TCP%20Snort%203%20Detection%20Engine%20Bypass%20Vulnerability%26vs_k=1

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. 
This vulnerability is due to a logic error when handling embryonic (half-open) TCP connections. An attacker could exploit this vulnerability by sending a crafted traffic pattern through an affected device. A successful exploit could allow unintended traffic to enter the network protected by the affected device.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-bypass-PTry37fX

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20407

Multiple Cisco Products Snort Rate Filter Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Multiple%20Cisco%20Products%20Snort%20Rate%20Filter%20Bypass%20Vulnerability%26vs_k=1

Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.
This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-rf-bypass-OY8f3pnM

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20342

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Remote Access VPN Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20Remote%20Access%20VPN%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper validation of client key data after the TLS session is established. An attacker could exploit this vulnerability by sending a crafted key value to an affected system over the secure TLS session. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-vpn-cZf8gT

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).



Security Impact Rating: High


CVE: CVE-2024-20495

Cisco Adaptive Security Appliance and Firepower Threat Defense Software TLS Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Appliance%20and%20Firepower%20Threat%20Defense%20Software%20TLS%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper data validation during the TLS 1.3 handshake. An attacker could exploit this vulnerability by sending a crafted TLS 1.3 packet to an affected system through a TLS 1.3-enabled listening socket. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: This vulnerability can also impact the integrity of a device by causing VPN HostScan communication failures or file transfer failures when Cisco ASA Software is upgraded using Cisco Adaptive Security Device Manager (ASDM).

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-tls-CWY6zXB

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20494

Cisco Firepower Threat Defense Software for Firepower 1000, 2100, 3100, and 4200 Series Static Credential Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20for%20Firepower%201000,%202100,%203100,%20and%204200%20Series%20Static%20Credential%20Vulnerability%26vs_k=1

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials.
This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could exploit this vulnerability by logging in to the CLI of an affected device with these credentials. A successful exploit could allow the attacker to access the affected system and retrieve sensitive information, perform limited troubleshooting actions, modify some configuration options, or render the device unable to boot to the operating system, requiring a reimage of the device.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-statcred-dFC8tXT5

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Critical


CVE: CVE-2024-20412

Cisco Secure Firewall Management Center Software Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-2HBkA97G?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Firewall%20Management%20Center%20Software%20Command%20Injection%20Vulnerability%26vs_k=1

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.
This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the Cisco FMC web-based management interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-2HBkA97G

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20374

Cisco Firepower Threat Defense Software Geolocation ACL Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Firepower%20Threat%20Defense%20Software%20Geolocation%20ACL%20Bypass%20Vulnerability%26vs_k=1

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.
This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-geoip-bypass-MB4zRDu

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20431

Cisco Adaptive Security Virtual Appliance and Secure Firewall Threat Defense Virtual SSL VPN Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Adaptive%20Security%20Virtual%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%20Virtual%20SSL%20VPN%20Denial%20of%20Service%20Vulnerability%26vs_k=1

A vulnerability in the VPN and management web servers of the Cisco Adaptive Security Virtual Appliance (ASAv) and Cisco Secure Firewall Threat Defense Virtual (FTDv), formerly Cisco Firepower Threat Defense Virtual, platforms could allow an unauthenticated, remote attacker to cause the virtual devices to run out of system memory, which could cause SSL VPN connection processing to slow down and eventually cease all together.
This vulnerability is due to a lack of proper memory management for new incoming SSL/TLS connections on the virtual platforms. An attacker could exploit this vulnerability by sending a large number of new incoming SSL/TLS connections to the targeted virtual platform. A successful exploit could allow the attacker to deplete system memory, resulting in a denial of service (DoS) condition. The memory could be reclaimed slowly if the attack traffic is stopped, but a manual reload may be required to restore operations quickly.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftdvirtual-dos-MuenGnYR

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: High


CVE: CVE-2024-20260

Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Firewall%20Management%20Center%20Software%20Cross-Site%20Scripting%20and%20Information%20Disclosure%20Vulnerabilities%26vs_k=1

Multiple vulnerabilities in Cisco Secure Firewall Management Center (FMC) Software, formerly Firepower Management Center Software, could allow an attacker to conduct cross-site scripting (XSS) attacks or access unauthorized information on an affected device. 
For more information about these vulnerabilities, see the Details (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Secure Firewall Management Center Software Cross-Site Scripting and Information Disclosure Vulnerabilities%26vs_k=1#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-infodisc-RL4mJFer

This advisory is part of the October 2024 release of the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication (https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75300).


Security Impact Rating: Medium


CVE: CVE-2024-20377,CVE-2024-20387,CVE-2024-20388