InfoSecBulletin Cybersecurity for mankind
CISCO fixed a vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem). The vulnerability could allow an attacker without authentication to change the password of any user, even administrative users.
The problem is caused by not implementing the password-change process correctly. An attacker could take advantage of this by sending specific HTTP requests to a device. If successful, the attacker could access the web UI or API using the compromised user’s privileges.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
The issue affects SSM On-Prem installations before Release 7.0, which is called Cisco Smart Software Manager Satellite (SSM Satellite).
“This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device,” Cisco explained.
Cisco’s Product Security Incident Response Team (PSIRT) has not found any evidence of public proof of concept exploits or exploitation attempts targeting this vulnerability.
No workarounds are available for systems affected by this security flaw. All administrators must upgrade to a fixed release in order to secure vulnerable servers in the environment.
