Cisco Channel

2021-03-02 22:23:54 More RSS Feed: newsroom.cisco.com/rss-feeds (https://newsroom.cisco.com/rss-feeds?utm_source=newsroom.cisco.com&utm_medium=RSS&utm_campaign=More_RSS_Link) ... Open / Comment

2021-03-02 22:23:53 Open / Comment

2021-03-02 02:51:22 Help? Go here > t.me/CiscoChat

Join @CiscoLog for more channels and groups. If you own a channel or group that you want added to the log, ask us in @CiscoChat.

[Free Courses]
yamechanic.com/2Kkn
• Penetration Testing
• Ethical Hacking
• Social Engineering
• CCNA
• CCNP
• CISSP
• CISO
• Net+
• Linux+
• A+
• More at no cost
(free to sign up) Open / Comment

2021-03-01 16:15:12 Use the code HodgeTwins at MyPillow.com to support Mike! The radical left and media is trying to destroy his company. Let’s support Mikes business. You get up to 66% off with our code. Open / Comment

2021-02-25 02:06:51 In the early, ambiguous days of the COVID-19 outbreak, the global community had little time to strategize.
More RSS Feed for Cisco: newsroom.cisco.com/rss-feeds (http://newsroom.cisco.com/rss-feeds?utm_source=newsroom.cisco.com&utm_medium=RSS&utm_campaign=More_RSS_Link) ... Open / Comment

2021-02-25 02:06:51 Open / Comment

2021-02-25 02:06:51 Rethinking What's Possible in the Post-Pandemic World
https://blogs.cisco.com/news/rethinking-whats-possible-in-the-post-pandemic-world Open / Comment

2021-02-24 20:15:44 Cisco Event Response: February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74414&vs_f=Cisco%20Event%20Responses&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Event%20Response:%20February%202021%20Cisco%20FXOS%20and%20NX-OS%20Software%20Security%20Advisory%20Bundled%20Publication&vs_k=1 Open / Comment

2021-02-24 19:52:25 Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-csrf-wRMzWL9z?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20NX-OS%20Software%20NX-API%20Cross-Site%20Request%20Forgery%20Vulnerability&vs_k=1

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker could exploit this vulnerability by persuading a user of the NX-API to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. The attacker could view and modify the device configuration.
Note: The NX-API feature is disabled by default.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-nxapi-csrf-wRMzWL9z

This advisory is part of the February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74414).




Security Impact Rating: High



CVE: CVE-2021-1227 Open / Comment

2021-02-24 19:51:22 Cisco Nexus 9000 Series Fabric Switches ACI Mode BGP Route Installation Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Nexus%209000%20Series%20Fabric%20Switches%20ACI%20Mode%20BGP%20Route%20Installation%20Denial%20of%20Service%20Vulnerability&vs_k=1

A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a routing process to crash, which could lead to a denial of service (DoS) condition.
This vulnerability is due to an issue with the installation of routes upon receipt of a BGP update. An attacker could exploit this vulnerability by sending a crafted BGP update to an affected device. A successful exploit could allow the attacker to cause the routing process to crash, which could cause the device to reload. This vulnerability applies to both Internal BGP (IBGP) and External BGP (EBGP).
Note: The Cisco implementation of BGP accepts incoming BGP traffic from explicitly configured peers only. To exploit this vulnerability, an attacker would need to send a specific BGP update message over an established TCP connection that appears to come from a trusted BGP peer.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n9kaci-bgp-De9dPKSK

This advisory is part of the February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication (https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74414).




Security Impact Rating: High



CVE: CVE-2021-1230 Open / Comment