CVE-2018-0212

CVE: CVE-2018-0212
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf69963.
References:
http://www.securitytracker.com/id/1040471
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise1

CVE-2018-1387

CVE: CVE-2018-1387
Published: 2018-03-08T16:29Z
Description Language: en
Description: IBM Application Performance Management for Monitoring & Diagnostics (IBM Monitoring 8.1.3 and 8.1.4) may release sensitive personal data to the staff who can access the database of this product. IBM X-Force ID: 138210.
References:
http://www.ibm.com/support/docview.wss?uid=swg22014035
https://exchange.xforce.ibmcloud.com/vulnerabilities/138210

CVE-2018-4838

CVE: CVE-2018-4838
Published: 2018-03-08T17:29Z
Description Language: en
Description: A vulnerability has been identified in Siemens EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions). The web interface (TCP/80) of affected devices allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities.
References:
https://cert-portal.siemens.com/productcert/pdf/ssa-845879.pdf

CVE-2018-7866

CVE: CVE-2018-7866
Published: 2018-03-08T18:29Z
Description Language: en
Description: A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/118

CVE-2018-0213

CVE: CVE-2018-0213
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to a lack of proper input validation. An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to gain elevated privileges to access functionality that should be restricted. The attacker must have valid user credentials to the device to exploit this vulnerability. Cisco Bug IDs: CSCvf69753.
References:
http://www.securitytracker.com/id/1040471
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise2

CVE-2018-1182

CVE: CVE-2018-1182
Published: 2018-03-08T15:29Z
Description Language: en
Description: An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels (hardware appliance and software bundle deployments only); RSA Via Lifecycle and Governance version 7.0, all patch levels (hardware appliance and software bundle deployments only); RSA Identity Management & Governance (RSA IMG) versions 6.9.0, 6.9.1, all patch levels (hardware appliance and software bundle deployments only). It allows certain OS level users to execute arbitrary scripts with root level privileges.
References:
http://seclists.org/fulldisclosure/2018/Mar/16

CVE-2018-4839

CVE: CVE-2018-4839
Published: 2018-03-08T17:29Z
Description Language: en
Description: A vulnerability has been identified in Siemens DIGSI 4 (All versions < V4.92), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), SIPROTEC Compact 7SJ80 (All versions < V4.77), SIPROTEC Compact 7SK80 (All versions < V4.77), SIPROTEC Compact 7SJ66 (All versions < V4.30), Other SIPROTEC Compact relays (All versions), Other SIPROTEC 4 relays (All versions). An attacker with local access to the engineering system or in a privileged network position and able to obtain certain network traffic could possibly reconstruct access authorization passwords.
References:
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

CVE-2018-7867

CVE: CVE-2018-7867
Published: 2018-03-08T18:29Z
Description Language: en
Description: There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 during a RegisterNumber sprintf. A crafted input will lead to a denial of service attack.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/116

CVE-2018-0147

CVE: CVE-2018-0147
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object. An exploit could allow the attacker to execute arbitrary commands on the device with root privileges. Cisco Bug IDs: CSCvh25988.
References:
http://www.securitytracker.com/id/1040463
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs2

CVE-2018-0214

CVE: CVE-2018-0214
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to execute arbitrary commands on the host operating system with the privileges of the local user, aka Command Injection. These commands should have been restricted from this user. The vulnerability is due to insufficient input validation of CLI command user input. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a CLI command with crafted user input. A successful exploit could allow the attacker to execute arbitrary commands on the affected system that should be restricted. The attacker would need to have valid user credentials for the device. Cisco Bug IDs: CSCvf49844.
References:
http://www.securitytracker.com/id/1040471
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise3

CVE-2018-4840

CVE: CVE-2018-4840
Published: 2018-03-08T17:29Z
Description Language: en
Description: A vulnerability has been identified in Siemens DIGSI 4 (All versions < V4.92), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module PROFINET IO variant (All versions), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module DNP3 variant (All versions), EN100 Ethernet module IEC 104 variant (All versions). The device engineering mechanism allows an unauthenticated remote user to upload a modified device configuration overwriting access authorization passwords.
References:
https://cert-portal.siemens.com/productcert/pdf/ssa-203306.pdf

CVE-2018-7868

CVE: CVE-2018-7868
Published: 2018-03-08T18:29Z
Description Language: en
Description: There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT8 data. A crafted input will lead to a denial of service attack.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/113

CVE-2018-0215

CVE: CVE-2018-0215
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections on the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCuv32863.
References:
http://www.securitytracker.com/id/1040471
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise4

CVE-2018-7869

CVE: CVE-2018-7869
Published: 2018-03-08T18:29Z
Description Language: en
Description: There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/119

CVE-2018-0216

CVE: CVE-2018-0216
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Cisco Bug IDs: CSCvf69805.
References:
http://www.securitytracker.com/id/1040471
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-ise5

CVE-2018-7870

CVE: CVE-2018-7870
Published: 2018-03-08T18:29Z
Description Language: en
Description: An invalid memory address dereference was discovered in getString in util/decompile.c in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/117

CVE-2018-0217

CVE: CVE-2018-0217
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are supplied to certain configurations in the CLI of the affected operating system. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable CLI command for an affected system. A successful exploit could allow the attacker to insert and execute arbitrary commands in the CLI of the affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvg29441.
References:
http://www.securitytracker.com/id/1040466
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-staros

CVE-2018-7871

CVE: CVE-2018-7871
Published: 2018-03-08T18:29Z
Description Language: en
Description: There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. A crafted input will lead to a denial of service or possibly unspecified other impact.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/120

CVE-2018-0218

CVE: CVE-2018-0218
Published: 2018-03-08T07:29Z
Description Language: en
Description: A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior to 5.8 patch 9 could allow an unauthenticated, remote attacker to gain read access to certain information in the affected system. The vulnerability is due to improper handling of XML External Entities (XXEs) when parsing an XML file. An attacker could exploit this vulnerability by convincing the administrator of an affected system to import a crafted XML file. Cisco Bug IDs: CSCve70616.
References:
http://www.securitytracker.com/id/1040470
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180307-acs1

CVE-2018-7872

CVE: CVE-2018-7872
Published: 2018-03-08T18:29Z
Description Language: en
Description: An invalid memory address dereference was discovered in the function getName in libming 0.4.8 for CONSTANT16 data. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
References:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892260
https://github.com/libming/libming/issues/114