Cisco on Wednesday released security patches for 45 vulnerabilities affecting a variety of products, some of which could be exploited to execute arbitrary actions with elevated permissions on affected systems.
Of the 45 bugs, one security vulnerability is rated Critical, three are rated High, and 41 are rated Medium in severity.
The most severe of the issues are CVE-2022-20857, CVE-2022-20858, and CVE-2022-20861, which impact Cisco Nexus Dashboard for data centers and cloud network infrastructures and could enable an “unauthenticated remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.”
- CVE-2022-20857 (CVSS score: 9.8) – Cisco Nexus Dashboard arbitrary command execution vulnerability
- CVE-2022-20858 (CVSS score: 8.2) – Cisco Nexus Dashboard container image read and write vulnerability
- CVE-2022-20861 (CVSS score: 8.8) – Cisco Nexus Dashboard cross-site request forgery (CSRF) vulnerability
All the three vulnerabilities, which were identified during internal security testing, affect Cisco Nexus Dashboard 1.1 and later, with fixes available in version 2.2(1e).
Another high-severity flaw relates to a vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard (CVE-2022-20860, CVSS score: 7.4) that could permit an unauthenticated, remote attacker to alter communications with associated controllers or view sensitive information.
“An attacker could exploit this vulnerability by using man-in-the-middle techniques to intercept the traffic between the affected device and the controllers, and then using a crafted certificate to impersonate the controllers,” the company said in an advisory.
“A successful exploit could allow the attacker to alter communications between devices or view sensitive information, including Administrator credentials for these controllers.”
Another set of five shortcomings in the Cisco Nexus Dashboard products concerns a mix of four privilege escalation flaws and an arbitrary file write vulnerability that could permit an authenticated attacker to gain root permissions and write arbitrary files to the devices.
Elsewhere resolved by Cisco are 35 vulnerabilities in its Small Business RV110W, RV130, RV130W, and RV215W routers that could equip an adversary already in possession of valid Administrator credentials with capabilities to run arbitrary code or cause a denial-of-service (DoS) condition by sending a specially crafted request to the web-based management interface.
Rounding off the patches is a fix for a cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco IoT Control Center that, if successfully weaponized, could enable an unauthenticated, remote attacker to stage an XSS attack against a user.
“An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link,” Cisco said. “A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.”
Although none of the aforementioned vulnerabilities are said to be maliciously put to use in real-world attacks, it’s imperative that users of the affected appliances move quickly to apply the patches.
The updates also arrived less than two weeks after Cisco rolled out patches for 10 security flaws, including an arbitrary critical file overwrite vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server (CVE-2022-20812) that could lead to absolute path traversal attacks.