Cisco Channel

2022-08-25 06:50:33 Cisco Appoints Sarah Rae Murphy to its Board of Directors
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2022/m08/cisco-appoints-sarah-rae-murphy-to-its-board-of-directors.html?source=rss Open / Comment

2022-08-24 19:15:37 Cisco Event Response: August 2022 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74837&vs_f=Cisco%20Event%20Responses&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Event%20Response:%20August%202022%20Semiannual%20Cisco%20FXOS%20and%20NX-OS%20Software%20Security%20Advisory%20Bundled%20Publication&vs_k=1 Open / Comment

2022-08-24 19:09:28 Cisco NX-OS Software OSPFv3 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20NX-OS%20Software%20OSPFv3%20Denial%20of%20Service%20Vulnerability&vs_k=1

A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition.
Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details (https://sec.cloudapps.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml#details) section of this advisory.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ospfv3-dos-48qutcu

This advisory is part of the August 2022 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2022 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74837).




Security Impact Rating: High



CVE: CVE-2022-20823 Open / Comment

2022-08-24 19:08:52 Cisco ACI Multi-Site Orchestrator Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-prvesc-BPFp9cZs?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20ACI%20Multi-Site%20Orchestrator%20Privilege%20Escalation%20Vulnerability&vs_k=1

A vulnerability in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO) could allow an authenticated, remote attacker to elevate privileges on an affected device.
This vulnerability is due to improper authorization on specific APIs. An attacker could exploit this vulnerability by sending crafted HTTP requests. A successful exploit could allow an attacker who is authenticated with non-Administrator privileges to elevate to Administrator privileges on an affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mso-prvesc-BPFp9cZs



Security Impact Rating: High



CVE: CVE-2022-20921 Open / Comment

2022-08-24 19:07:28 Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FXOS%20and%20NX-OS%20Software%20Cisco%20Discovery%20Protocol%20Denial%20of%20Service%20and%20Arbitrary%20Code%20Execution%20Vulnerability&vs_k=1

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition.
Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cdp-dos-ce-wWvPucC9

This advisory is part of the August 2022 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2022 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74837).




Security Impact Rating: High



CVE: CVE-2022-20824 Open / Comment

2022-08-24 19:06:35 Cisco FXOS Software Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20FXOS%20Software%20Command%20Injection%20Vulnerability&vs_k=1

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The attacker would need to have Administrator privileges on the device.
This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-cmdinj-TxcLNZNH

This advisory is part of the August 2022 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2022 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74837).




Security Impact Rating: Medium



CVE: CVE-2022-20865 Open / Comment

2022-08-24 09:10:30 Cisco (NASDAQ: CSCO) announced that earlier today its Board of Directors declared a quarterly cash dividend of $0.38 per common share to be paid on October 26, 2022, to all stockholders of record as of the close of business on October 5, 2022.
More RSS Feeds: https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html (https://newsroom.cisco.com/c/r/newsroom/en/us/rss-feeds.html?source=rss) Open / Comment

2022-08-24 09:10:29 Open / Comment

2022-08-24 09:10:29 Cisco Declares Quarterly Cash Dividend
https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2022/m08/cisco-declares-quarterly-cash-dividend.html?source=rss Open / Comment

2022-08-24 04:31:57 Join t.me/EmojiPacks to get tons of emojis!! Open / Comment