The most severe of the issues is CVE-2021-34770, which Cisco calls a "logic error" that occurs during the processing of CAPWAP (Control And Provisioning of Wireless Access Points) packets that enable a central wireless Controller to manage a group of wireless access points. CVE-2021-1619 (CVSS score: 9.8) - Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability.CVE-2021-34727 (CVSS score: 9.8) - Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability.CVE-2021-34770 (CVSS score: 10.0) - Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability. Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary code with administrative privileges and trigger a denial-of-service (DoS) condition on vulnerable devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |