Cisco have released a number of security advisories on 5th September regarding current product vulnerabilities, with impact ratings ranging from critical to medium. The advisories, as well as any information about affected products can be found at the following link:https://tools.cisco.com/security/center/publicationListing.x
A recent vulnerability discovered in the Cisco Umbrella API (Application Programming Interface) could potentially allow an attacker to gain remote unauthorized access to read, change or delete data across multiple organisations.This vulnerability exists due to a lack of authentication configuration for the Umbrella API component.As this is specific to the Umbrella API which is used to integrate Umbrella with other products and services for increased visibility and security enforcement, Cisco Umbrella is the only product/service affected by this vulnerability.There are no workarounds for this, but Cisco have released software updates to address the issue, meaning there are no required actions for their Umbrella customers.Severity: CRITICALCVSS Score: Base 9.1The security advisory for this vulnerability is available at the following link:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-api
Two vulnerabilities have been disclosed for the Cisco Umbrella Enterprise Roaming Client (ERC) and the Cisco Umbrella Roaming module which could potentially allow an attacker to elevate their privileges to Administrator level; however, to exploit this vulnerability, the attacker must be an authenticated user with valid local user credentials.Both issues exist due to file system permissions being implemented incorrectly, which allows non-admin users to send files to restricted directories.CVE-2018-0437 affects Cisco Umbrella ERC releases prior to 2.1.118 and Cisco AnyConnect Umbrella Roaming Module releases prior to 4.6.1098.CVE-2018-0438 affects Cisco Umbrella ERC releases prior to 2.1.127.There are no workarounds available, but Cisco have released software updates to address the issue.We recommend that customers plan an upgrade of their current roaming client at the earliest opportunity.Severity: HIGHCVSS Score: Base 7.8The security advisories for these vulnerabilities are available at the following link:CVE-2018-0437: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-privCVE-2018-0438: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-umbrella-file-read
Stuart Hare is a Technologist with a passion for helping people in all aspects of IT & Cyber Security. Stuart is the Founder of Ironshare, an Information and Cyber Security company providing consultancy and managed services.
Samuel is a Security Analyst with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
Joshua is working as a Managed Service Lead with Ironshare, an Information and Cyber Security company providing Security consultancy and managed services.
