By security practitioners, for security practitioners innovate | novacoast federal | novaSOC | novacoast
By security practitioners, for security practitioners

Cisco Patches Vulnerabilities Across Multiple Product Lines

Oct 27, 2021 22:30 GMT

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) are the most critically impacted products in the latest round of patches for high-rated vulnerabilities.

Background

Cisco released a series of patches on October 27th across multiple platforms. The most critically impacted platforms are Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). In addition, one high-rated vulnerability impacts the Firepower Management Center (FMC) and the patched high-rated Snort vulnerability impacts additional products.

Though the majority of the high rated vulnerabilites addressed resolve potential Denial of Service vectors, one standout vulnerability in FTD allows for arbitrary code execution with Root level privileges.

Vulnerability Details

Mitigation

Given the severity of these issues, urgent updates are recommended. Consult the individual advisories for more details or potential workarounds.

Resources

Cisco Firepower Threat Defense Software Command Injection Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-cmdinject-FmzsLN8

Multiple Cisco Products Snort Rule Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM

Cisco Firepower Management Center Software Authenticated Directory Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-RywH7ezM

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Resource Exhaustion Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-Unk689XY

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9

Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-rUDseW3r

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Software-Based SSL/TLS Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-tls-decrypt-dos-BMxYjm8M

Previous Post

Implementing MITRE ATT&CK

Next Post

A More Secure Software Supply Chain