CISCO fixed a vulnerability in the authentication system of Cisco Smart Software Manager On-Prem (SSM On-Prem). The vulnerability could allow an attacker without authentication to change the password of any user, even administrative users.
The problem is caused by not implementing the password-change process correctly. An attacker could take advantage of this by sending specific HTTP requests to a device. If successful, the attacker could access the web UI or API using the compromised user’s privileges.
By infosecbulletin
/ Sunday , December 22 2024
A major security flaw in Craft CMS, a popular PHP content management system, has been found, enabling unauthenticated remote code...
Read More
By infosecbulletin
/ Sunday , December 22 2024
Mastercard has completed its acquisition of Recorded Future, an AI-based threat intelligence provider. Mastercard has acquired the company for $2.65...
Read More
By infosecbulletin
/ Saturday , December 21 2024
CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in...
Read More
By infosecbulletin
/ Friday , December 20 2024
Bank Rakyat Indonesia (BRI), the largest state bank by assets, has assured customers that their data and funds are secure...
Read More
By infosecbulletin
/ Friday , December 20 2024
Cybersecurity researcher Jeremiah Fowler reported to Website Planet that he found a non-password-protected 1.2 TB dataset containing over 3 million...
Read More
By infosecbulletin
/ Friday , December 20 2024
Sophos has fixed three separate security vulnerabilities in Sophos Firewall. The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such...
Read More
By infosecbulletin
/ Thursday , December 19 2024
A time-demanding workshop on "Cybersecurity Awareness and Needs Analysis" was held on Thursday (December 19) at Bangladesh Bank Training Academy...
Read More
By infosecbulletin
/ Thursday , December 19 2024
Kaspersky's Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient...
Read More
By infosecbulletin
/ Wednesday , December 18 2024
The US government is considering banning a well-known brand of Chinese-made home internet routers TP-Link due to concerns that they...
Read More
By infosecbulletin
/ Wednesday , December 18 2024
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
The issue affects SSM On-Prem installations before Release 7.0, which is called Cisco Smart Software Manager Satellite (SSM Satellite).
“This vulnerability is due to improper implementation of the password-change process. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device,” Cisco explained.
Cisco’s Product Security Incident Response Team (PSIRT) has not found any evidence of public proof of concept exploits or exploitation attempts targeting this vulnerability.
No workarounds are available for systems affected by this security flaw. All administrators must upgrade to a fixed release in order to secure vulnerable servers in the environment.
Cisco warned in April about a state-sponsored hacking group called UAT4356 and STORM-1849. This group was exploiting two zero-day bugs, namely CVE-2024-20353 and CVE-2024-20359.
Since November 2023, attackers have used two bugs to target government networks worldwide through a campaign called ArcaneDoor, attacking Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls.