Full NGAV, EDR, and Audit/Remediation for Air-Gapped Systems

For many global organizations, workloads can be where the most critical business information resides. These teams need to enforce a strict security posture, ensuring their workloads are not directly exposed to the Internet for security, regulatory, and compliance reasons. As such, only a handful of identified computers or appliances can receive traffic from the Internet … The post Full NGAV, EDR, and Audit/Remediation for Air-Gapped Systems appeared first on VMware Security. More info: https://blogs.vmware.com/security/2023/02/full-ngav-edr-and-audit-remediation-for-air-gapped-systems.html?utm_source=rss&utm_medium=rss&utm_campaign=full-ngav-edr-and-audit-remediation-for-air-gapped-systems

VMware Brings In-House Benchmarking Tool to Workloads

Benchmarks are a valuable resource that help security practitioners implement and manage their cybersecurity defenses and data. One such benchmarking tool is The Center for Internet Security (CIS). They’ve published CIS Benchmarks, the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and … More info: https://blogs.vmware.com/security/2023/02/vmware-brings-in-house-benchmarking-tool-to-workloads.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-brings-in-house-benchmarking-tool-to-workloads

Cisco Webex Meetings App Character Interface Manipulation Vulnerability

A vulnerability in the messaging interface of Cisco Webex App, formerly Webex Teams, could allow an unauthenticated, remote attacker to manipulate links or other content within the messaging interface. This vulnerability exists because the affected software does not properly handle character rendering. An attacker could exploit this vulnerability by sending messages within the application interface. A successful exploit could allow the attacker to modify the display of links or other content More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-qrtO6YC2?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Webex%20Meetings%20App%20Character%20Interface%20Manipulation%20Vulnerability&vs_k=1

Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Network Controller, formerly Cisco Cloud APIC, could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capic-csrfv-DMx6KSwV?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Application%20Policy%20Infrastructure%20Controller%20and%20Cisco%20Cloud%20Network%20Controller%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1

Cisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects Authentication Bypass Vulnerability

A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric Extender (FEX) when used in UCS Fabric Interconnect deployments could allow an unauthenticated attacker with physical access to bypass authentication. This vulnerability is due to the improper implementation of the password validation function. An attacker could exploit this vulnerability by logging in to the console port on an affected device. A successful exploit could allow the attacker to bypass More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-elyfex-dos-gfvcByx?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209300-FX3%20Series%20Fabric%20Extender%20for%20UCS%20Fabric%20Interconnects%20Authentication%20Bypass%20Vulnerability&vs_k=1

Cisco Firepower 4100 Series, Firepower 9300 Security Appliances, and UCS Fabric Interconnects Command Injection Vulnerability

A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security Appliances, and Cisco UCS 6200, 6300, 6400, and 6500 Series Fabric Interconnects could allow an authenticated, local attacker to inject unauthorized commands. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxfp-cmdinj-XXBZjtR?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Firepower%204100%20Series,%20Firepower%209300%20Security%20Appliances,%20and%20UCS%20Fabric%20Interconnects%20Command%20Injection%20Vulnerability&vs_k=1

Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by including crafted input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands on the underlying More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cli-cmdinject-euQVK9u?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20NX-OS%20Software%20CLI%20Command%20Injection%20Vulnerability&vs_k=1

Cisco NX-OS Software SSH X.509v3 Certificate Authentication with Unsupported Remote Authorization Method Privilege Escalation Issues

For certain products that are running Cisco NX-OS Software and are configured for SSH authentication with an X.509 version 3 (X.509v3) certificate, two remote authorization methods are unsupported and could allow for privilege escalation: TACACS+ and certain configurations of Lightweight Directory Access Protocol (LDAP). TACACS+ does not properly validate the distinguished name (DN) of the X.509v3 certificate due to a logic error with authentication, authorization, and accounting (AAA). LDAP More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-x509v3-unsupportedconfig-ScRtAbUk?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20NX-OS%20Software%20SSH%20X.509v3%20Certificate%20Authentication%20with%20Unsupported%20Remote%20Authorization%20Method%20Privilege%20Escalation%20Issues&vs_k=1

Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This vulnerability is due to incorrect error checking when parsing ingress LLDP packets. An attacker could exploit this vulnerability by sending a steady stream of crafted LLDP packets to an affected More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-lldp-dos-ySCNZOpX?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Fabric%20Switches%20in%20ACI%20Mode%20Link%20Layer%20Discovery%20Protocol%20Memory%20Leak%20Denial%20of%20Service%20Vulnerability&vs_k=1

Cisco FXOS Software and UCS Manager Software Configuration Backup Static Key Vulnerability

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the configuration export feature of Cisco FXOS Software could allow an unauthenticated attacker with access to a backup file to decrypt sensitive information stored in the full state and configuration backup files. This vulnerability is due to a weakness in the encryption method used for the backup function. An attacker could exploit this vulnerability by leveraging a static key used for the backup More info: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucsm-bkpsky-H8FCQgsA?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FXOS%20Software%20and%20UCS%20Manager%20Software%20Configuration%20Backup%20Static%20Key%20Vulnerability&vs_k=1