• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

Patch Now: Cisco, CISA Sound The Alarm On Four Software Flaws

The networking company released patches for vulnerabilities in Cisco Policy Suite, network switches and Cisco’s Email Security Appliance.

November 5, 2021 Zachary Comeau Leave a Comment

Cisco Catalyst IW9167 Series
Cisco's headquarters. stock.adobe.com/Sundry Photography

Cisco and the U.S. Cybersecurity and Infrastructure Security Agency are urging organizations to apply updates that patch critical vulnerabilities in Cisco products.

The networking company released patches for several vulnerabilities this week, including two rated critical and two rated high, impacting Cisco Policy Suite, two lines of switches and Cisco’s Email Security Appliance.

The vulnerabilities are noteworthy enough that CISA issued its own advisory, urging organizations to apply the company’s patches.

Cisco Policy Suite SSH Keys Vulnerability (CVE-2021-40119)

The company identified a vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite that could allow an unauthenticated, remote attacker to log in to an affected system as the root user, the company said in an advisory.

According to NIST’s national vulnerability database, the vulnerability is due to the re-use of static SSH keys across installations. Threat actors can exploit this by extracting a key from a system under their control and log into a system as the root user.

Cisco rates this vulnerability as 9.8.

Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities (CVE-2021-34795, CVE-2021-40112, CVE-2021-40113)

Cisco identified a trio of vulnerabilities in its Catalyst Passive Optical Network Series Switches Optical Network Terminal that it scores 10.0, meaning this is as critical s it gets.

According to the company, these vulnerabilities could allow a remote unauthenticated attacker to log in with a default credential if the Telnet protocol is enabled, perform command injection and modify the configuration.

An attacker doesn’t need to exploit one vulnerability to exploit another, and a software release affected by one of the vulnerabilities may not be affected by others, the company says.

  • The specific products affected include: Catalyst PON Switch CGP-ONT-1P
  • Catalyst PON Switch CGP-ONT-4P
  • Catalyst PON Switch CGP-ONT-4PV
  • Catalyst PON Switch CGP-ONT-4PVC
  • Catalyst PON Switch CGP-ONT-4TVCW

Cisco Small Business Series Switches Session Credentials Replay Vulnerability (CVE-2021-34739)

This vulnerability in the web-based management interface of Cisco’s line of Small Business switches could allow an unauthenticated, remote attacker to replay valid user session credentials and gain access to the web-based management interface of an affected device.

According to Cisco, this is due to insufficient expiration of session credentials. This is exploited by conducting a man-in-the-middle attack against an affected device to intercept valid session credentials and replaying the intercepted credentials toward the same device at a later time.

This vulnerability, given a severity score of 8.1 could result in a hacker accessing the web-based management interface with admin privileges.

Impacted devices include:

  • 250 Series Smart Switches
  • 350 Series Managed Switches
  • 350X Series Stackable Managed Switches
  • 550X Series Stackable Managed Switches
  • Business 250 Series Smart Switches
  • Business 350 Series Managed Switches
  • ESW2 Series Advanced Switches
  • Small Business 200 Series Smart Switches
  • Small Business 300 Series Managed Switches
  • Small Business 500 Series Stackable Managed Switches

Cisco Email Security Appliance Denial of Service Vulnerability (CVE-2021-34741)

This vulnerability, assigned a score of 7.5, is in the email scanning algorithm of Cisco AsyncOS software for the Cisco Email Security Appliance that could allow a remote attacker to perform a denial of service attack on an affected device.

According to Cisco, this is due to insufficient input validation of incoming emails. It can be exploited by sending a crafted email through Cisco ESA, which could allow an attacker to exhaust the available CPU resources on the affected device for an extended period of time, preventing other emails from being processed.

For more information on these vulnerabilities and lower-severity vulnerabilities and patches, visit Cisco’s security advisory page.

 

Tagged With: Cisco, Patch management, Patches

Related Content:

  • AVI-SPL logo AVI-SPL Awarded by Strategic Account Management Association
  • Thrive SOAR MSSP Thrive Upgrades SOC With SOAR Integration
  • Microsoft Intelligent Data Paltform Microsoft Announces Intelligent Data Platform For Database Integration
  • Why Data and Analytics Are Critical in the…

Free downloadable guide you may like:

  • The State of the IT Department in 2022

    The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to making business decisions. Check out our new report to see what your peers in IT think about top concerns and opportunities in 2022.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

The State of the IT Department in 2022

The role of the IT professional has shifted from one that supports the business to one that is deserving of a seat at the table when it comes to ma...

Hybrid Work Challenges
The Three Most Common Hybrid Work Challenges Two Years Into the Pandemic

Many of us have been working in a hybrid environment for two years now. Our editors thought this would be a good time to take a look at what’s work...

These 10 IT Certifications Are Critical To An IT Pro’s Success in 2022

Here are 10 cloud, data and security certifications that we identify as critical to an IT professional’s resume in 2022 and beyond, according to a ...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2022 Emerald X, LLC. All rights reserved.