Cisco Systems released 6 security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high & medium severity.
Networking giant issues 2 critical patches & 6 high-severity patches.
The most serious of the bugs patched by Cisco (rated 9.1 out of 10) could allow a remote & unauthenticated adversary to read or write arbitrary files on to an application protocol interface used in Cisco 9000 series switches designed to manage its software-defined networking data centre solution.
Critical Vulnerability
This critical vulnerability, tracked as CVE-2021-1577, impacts Cisco Application Policy Infrastructure Controller (APIC) & Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC). APIC is the main architectural component of the Cisco Application Centric Infrastructure, which runs on Cisco Nexus 9000 Series node.
“This vulnerability is due to improper access control. An attacker could exploit this vulnerability by using a specific API endpoint to upload a file to an affected device,” wrote Cisco in its Wed. security bulletin. Affected products are Cisco APIC & Cisco Cloud APIC.
Mitigations are Available
As with each of the bugs & fixes announced Wed., Cisco said mitigations are available for each of the vulnerabilities & it is not aware of any publicly known exploits for those bugs patched.
The release Wed., which included 15 patches in all, were part of a Cisco “bundled publication” of security fixes for its Firepower eXtensible Operating System & is Linux kernel compatible NX-OS software.
Bug Fixes
Cisco also addressed 2 high-severity Nexus 9000 bugs (CVE-2021-1586, CVE-2021-1523) & 3 medium-severity flaw (CVE-2021-1583, CVE-2021-1584, CVE-2021-1591). The 2 high-severity bugs (both with a base CVSS score of 8.6) are denial of service flaws.
“A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition,” wrote Cisco.
A 2nd high-severity Nexus 9000 series vulnerability is described by Cisco as a flaw in its Fabric Switches ACI Mode Queue Wedge.
Remote Attacker
“The flaw could allow an unauthenticated, remote attacker to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the device being dropped. This could result in 1 or more leaf switches being removed from the fabric,” Cisco noted.
Cisco notes that mitigation for this bug requires “a manual intervention to power-cycle the device to recover” after patches have been applied. Affected are generation 1 model N9K (Nexus 9000) series fabric switches.
Critical QNX ‘BadAlloc’ Bugs
On Wed., Cisco released a 2nd critical advisory for its gear tied to a QNX operating system bug, reported on Aug. 17 by BlackBerry. That bug, according to BlackBerry, could allow threat players to take over or launch denial of service attacks on devices & critical infrastructure by exploiting what are called BadAlloc bugs.
QNX is BlackBerry’s real-time OS, used in embedded systems such as automobiles, medical devices & handsets.
No Products are Known to be Affected
While Cisco says none of its products are impacted by the QNX bug, it has rated the advisory as critical. “Cisco has completed its investigation into its product line to determine which products may be affected by this vulnerability. No products are known to be affected,” it wrote.
The Cisco advisory outlines switch & router products that “leverage the affected QNX software”, however “Cisco has confirmed that the vulnerability is not exploitable on these platforms.”
QNX
Cisco products running QNX include:
- Channelized shared port adapters (SPAs) (CSCvz34866)
- Circuit Emulation over Packet (CEoP) SPAs (CSCvz34865)
- IOS XR 32-bit Software (CSCvz34871)
Note: IOS XR 64-bit Software does not leverage QNX software. - RF Gateway 10 (CSCvz34869)
https://www.cybernewsgroup.co.uk/virtual-conference-september-2021/
