Multiple Vulnerabilities in Cisco Products Could Allow for Unauthorized Access

ITS Advisory Number: 2016-036
Date(s) Issued: Thursday, March 3, 2016
Subject: Multiple Vulnerabilities in Cisco Products Could Allow for Unauthorized Access
Overview: 

Multiple Cisco products are prone to multiple vulnerabilities that could allow for unauthorized access. Successful exploitation could potentially allow an attacker to take control of the affected system and perform unauthorized actions.

Systems Affected: 
  • Cisco Nexus 1000V Series Switches
  • Cisco Nexus 3000 Series Switches
    • Running Cisco NX-OS Software releases 6.0(2)U6(1), 6.0(2)U6(2), 6.0(2)U6(3), 6.0(2)U6(4), and 6.0(2)U6(5).
  • Cisco Nexus 3500 Platform Switches
    • Running Cisco NX-OS Software releases 6.0(2)A6(1), 6.0(2)A6(2), 6.0(2)A6(3), 6.0(2)A6(4), 6.0(2)A6(5), and 6.0(2)A7(1).
  • Cisco Nexus 4000 Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 5500 Platform Switches
    • Running Cisco NX-OS Software Release 7.1(1)N1(1).
  • Cisco Nexus 5600 Platform Switches
    • Running Cisco NX-OS Software Release 7.1(1)N1(1).
  • Cisco Nexus 6000 Series Switches
  • Cisco Nexus 7000 Series Switches
  • Cisco Unified Computing System (UCS)
    • Running Cisco NX-OS Software
  • Cisco Web Security Appliance (WSA)
    • Running AsyncOS prior to 8.5.3-051 and 9.0.0-485
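The Systems Affected list above mixes exact NX-OS releases (Nexus 3000, 3500, 5500, 5600), platforms named without a release, and an AsyncOS "prior to" range. The following is an added example, not Cisco's tooling or part of this advisory, that turns that list into a repeatable exposure check: it parses an NX-OS release string such as 6.0(2)U6(3) into comparable parts, pulls the running release out of `show version` output (the sample output is constructed and abbreviated), and compares an AsyncOS build against the two fixed builds. Assumptions: the per-platform release sets are copied verbatim from the list above; "prior to 8.5.3-051 and 9.0.0-485" is read literally, so any build below the 9.0 train is compared against 8.5.3-051 and any 9.0 build against 9.0.0-485; platforms the advisory names without a release are reported for manual review rather than as affected or clear.

```python
"""Exposure check for the releases named in this advisory.

Added example, not Cisco's tooling or part of the advisory itself.  The
affected NX-OS releases and AsyncOS fixed builds are copied from the
Systems Affected list; the `show version` text is a constructed sample.
"""
import re
from typing import Optional, Tuple

# NX-OS releases the advisory names as affected, keyed by platform.
AFFECTED_NXOS = {
    "Nexus 3000": {"6.0(2)U6(1)", "6.0(2)U6(2)", "6.0(2)U6(3)",
                   "6.0(2)U6(4)", "6.0(2)U6(5)"},
    "Nexus 3500": {"6.0(2)A6(1)", "6.0(2)A6(2)", "6.0(2)A6(3)",
                   "6.0(2)A6(4)", "6.0(2)A6(5)", "6.0(2)A7(1)"},
    "Nexus 5500": {"7.1(1)N1(1)"},
    "Nexus 5600": {"7.1(1)N1(1)"},
}
# Platforms the advisory lists without naming a release.
LISTED_WITHOUT_RELEASE = {"Nexus 1000V", "Nexus 4000", "Nexus 5000",
                          "Nexus 6000", "Nexus 7000", "UCS"}

# AsyncOS: the advisory says releases "prior to 8.5.3-051 and 9.0.0-485".
ASYNCOS_FIXED_8X = (8, 5, 3, 51)   # first fixed build below the 9.0 train
ASYNCOS_FIXED_90 = (9, 0, 0, 485)  # first fixed build in the 9.0 train

_NXOS_RE = re.compile(r"^(\d+)\.(\d+)\((\d+)\)([A-Z]+\d+)\((\d+)\)$", re.IGNORECASE)
_ASYNCOS_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_nxos(version: str) -> Optional[Tuple[int, int, int, str, int]]:
    """Split an NX-OS release like 6.0(2)U6(3) into (6, 0, 2, 'U6', 3)."""
    m = _NXOS_RE.match(version.strip())
    if not m:
        return None
    major, minor, maint, train, rebuild = m.groups()
    return int(major), int(minor), int(maint), train.upper(), int(rebuild)


def canonical_nxos(version: str) -> str:
    """Re-serialise a release so whitespace and case variants compare equal."""
    parsed = parse_nxos(version)
    if parsed is None:
        raise ValueError(f"not an NX-OS release string: {version!r}")
    major, minor, maint, train, rebuild = parsed
    return f"{major}.{minor}({maint}){train}({rebuild})"


def nxos_status(platform: str, version: str) -> str:
    """Classify a platform/release pair against the advisory.

    'affected'         release is explicitly listed for this platform
    'not-listed'       platform has a release list and this release is not on it
    'platform-listed'  advisory names the platform but no release; review Cisco's per-CVE advisory
    'not-in-advisory'  platform is not mentioned
    """
    if platform in AFFECTED_NXOS:
        return "affected" if canonical_nxos(version) in AFFECTED_NXOS[platform] else "not-listed"
    if platform in LISTED_WITHOUT_RELEASE:
        return "platform-listed"
    return "not-in-advisory"


def nxos_version_from_show_version(output: str) -> Optional[str]:
    """Pull the running system image release out of NX-OS `show version` output."""
    m = re.search(r"^\s*system:\s+version\s+(\S+)", output, re.MULTILINE)
    return m.group(1) if m else None


def parse_asyncos(version: str) -> Tuple[int, int, int, int]:
    """Split an AsyncOS build like 8.5.3-051 into (8, 5, 3, 51)."""
    m = _ASYNCOS_RE.match(version.strip())
    if not m:
        raise ValueError(f"not an AsyncOS version string: {version!r}")
    major, minor, patch, build = (int(g) for g in m.groups())
    return major, minor, patch, build


def asyncos_affected(version: str) -> bool:
    """True if the build is older than the fixed build for its train.

    Assumption: 'prior to 8.5.3-051' is read literally, so every build below
    9.0 is compared against 8.5.3-051 and every 9.0 build against 9.0.0-485.
    """
    v = parse_asyncos(version)
    if v >= (9, 0, 0, 0):
        return v < ASYNCOS_FIXED_90
    return v < ASYNCOS_FIXED_8X


# Constructed, abbreviated `show version` output for a Nexus 3000 (not a real capture).
SAMPLE_SHOW_VERSION = """\
Cisco Nexus Operating System (NX-OS) Software
Software
  BIOS:      version 1.2.0
  kickstart: version 6.0(2)U6(3)
  system:    version 6.0(2)U6(3)
"""

if __name__ == "__main__":
    running = nxos_version_from_show_version(SAMPLE_SHOW_VERSION)
    print("Nexus 3000", running, nxos_status("Nexus 3000", running))
    for build in ("8.5.3-050", "8.5.3-051", "9.0.0-484", "9.0.0-485"):
        print("WSA", build, "affected" if asyncos_affected(build) else "fixed")
```

Feed `nxos_version_from_show_version` the captured output of `show version` from each switch and `nxos_status` the platform name; anything reported as "platform-listed" still needs the per-CVE Cisco advisory, because this page gives no release boundary for those platforms.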
RISK
GOVERNMENT
Large and medium government entities: High
Small government entities: High
BUSINESS
Large and medium business entities: High
Small business entities: High
Home Users: N/A
Description: 

Multiple Cisco products are prone to multiple vulnerabilities. Some of these vulnerabilities could allow for unauthorized access. These vulnerabilities are as follows:

  • A vulnerability in Cisco NX-OS Software running on Cisco Nexus 3000 Series Switches and Cisco Nexus 3500 Platform Switches could allow an unauthenticated, remote attacker to log into the device with the privileges of the root user with shell access. This vulnerability is rated with a base CVSS score of 10.0 (CVE-2016-1329).
  • A vulnerability in the TCP stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is rated with a base CVSS score of 7.8 (CVE-2015-0718).
  • A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device. This vulnerability is rated with a base CVSS score of 7.8 (CVE-2016-1288).
  • A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Nexus 5500 Platform Switches, Cisco Nexus 5600 Platform Switches, and Cisco Nexus 6000 Series Switches running Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly. This vulnerability is rated with a base CVSS score of 7.8 (CVE-2015-6260).
Actions: 
  • Install the updates provided by Cisco immediately after appropriate testing.
  • Verify that no unauthorized system modifications have occurred on the system before applying the patch.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.