Cisco rolls out patches for high-risk vulnerabilities in FXOS and NX-OS software

Networking giant Cisco has published an advisory bundle for admins with Cisco switches and firewalls under their command, as some of the equipment supplied by the company is in dire need of patching.

The Cisco FXOS and NX-OS software security advisory collection contains 25 knowledgebase articles that describe 26 vulnerabilities in FXOS and NX-OS software.

The flaws in Cisco NX-OS Software affect the company’s series of Nexus switches, line cards and fabric modules. The vulnerabilities in Cisco FXOS Software apply to Firepower firewalls and appliances, MDS switches and UCS fabric interconnects, besides the same switches.

While not labeled critical, all 26 of the vulnerabilities have a high security impact rating.

“Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized access, gain elevated privileges, execute arbitrary commands, escape the restricted shell, bypass the system image verification checks, or cause a denial of service (DoS) condition on an affected device,” according to Switchzilla.

A separate document tells users of Nexus switches to disable the PowerOn Auto Provisioning (POAP) feature, which is on by default. This potentially-exploitable feature helps automate the initial deployment and configuration of Nexus switches.

Of the 26 flaws, three are found in both Cisco FXOS Software and Cisco NX-OS Software. The bundled publication includes a comprehensive table that identifies each vulnerability alongside the affected equipment. Patches are available for all 26 flaws. Administrators with affected Cisco equipment would be wise to install the latest updates sooner rather than later.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta. Read the original post at: