CISCO fixed a vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem). The vulnerability could allow an attacker without authentication to change the password of any user, even administrative users.
The problem is caused by not implementing the password-change process correctly. An attacker could take advantage of this by sending specific HTTP requests to a device. If successful, the attacker could access the web UI or API using the compromised user’s privileges.
By infosecbulletin
/ Thursday , October 17 2024
Cybersecurity threats have surged to extraordinary heights, as Microsoft’s latest Digital Defense Report reveals that its customers are confronted with...
Read More
By infosecbulletin
/ Thursday , October 17 2024
VMware has issued a warning about a remote code execution vulnerability, CVE-2024-38814, with a CVSS score of 8.8, in its...
Read More
By infosecbulletin
/ Thursday , October 17 2024
Mandiant researchers found that over 90 zero-day vulnerabilities and more than 40 known vulnerabilities were exploited in the wild. Vulnerabilities...
Read More
By infosecbulletin
/ Wednesday , October 16 2024
Oracle's October 2024 Critical Patch Update has fixed 334 security vulnerabilities in its products. The CPU affects 28 Oracle product...
Read More
By infosecbulletin
/ Wednesday , October 16 2024
Google has released Chrome 130, fixing 17 security vulnerabilities. The update (version 130.0.6723.58/.59 for Windows and Mac, and 130.0.6723.58 for...
Read More
By infosecbulletin
/ Wednesday , October 16 2024
Chinese researchers, led by Wang Chao from Shanghai University, have cracked RSA encryption using quantum computers. This achievement raises serious...
Read More
By infosecbulletin
/ Tuesday , October 15 2024
On Sunday, the Shadowserver Foundation revealed that over 87,000 internet-facing Fortinet devices may still be at risk due to (CVE-2024-23113)...
Read More
By infosecbulletin
/ Monday , October 14 2024
A new sophisticated scam is targeting Gmail users, using artificial intelligence to manipulate them into giving away account access. This...
Read More
By infosecbulletin
/ Monday , October 14 2024
RansomHub targets Bangladeshi Confidence group of companies limited. The rapidly growing RansomHub ransomware group set time to release the data....
Read More
By infosecbulletin
/ Sunday , October 13 2024
OpenAI has neutralized over 20 malicious cyber operations using its AI chatbot, ChatGPT, for creating malware, spreading misinformation, avoiding detection,...
Read More
The issue affects SSM On-Prem installations before Release 7.0, which is called Cisco Smart Software Manager Satellite (SSM Satellite).
“This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device,” Cisco explained.
Cisco’s Product Security Incident Response Team (PSIRT) has not found any evidence of public proof of concept exploits or exploitation attempts targeting this vulnerability.
No workarounds are available for systems affected by this security flaw. All administrators must upgrade to a fixed release in order to secure vulnerable servers in the environment.
Cisco warned in April about a state-sponsored hacking group called UAT4356 and STORM-1849. This group was exploiting two zero-day bugs, namely CVE-2024-20353 and CVE-2024-20359.
Since November 2023, attackers have used two bugs to target government networks worldwide through a campaign called ArcaneDoor, attacking Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls.