Cisco Talos reported an issue in the Cisco Identity Services Engine (ISE) that could allow an unauthenticated attacker to inject or manipulate X.509 certificates to impersonate users when using the “secure login” feature of Cisco ISE and to decrypt confidential data when using the “secure transfer” feature of Cisco ISE.
CVE-2018-0687 An issue was discovered in certain Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 Virtualization (VServer) configurations with an Unpatched Red Hat Enterprise Linux 7 Virtualization (VServer) kernel. An unprivileged user could exploit this flaw to cause a denial-of-service (DoS) condition on the system by sending a large amount of TCP traffic to the virtual machine.
CVE-2018-0688 An issue was discovered in certain Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 Virtualization (VServer) configurations with an Unpatched Red Hat Enterprise Linux 7 Virtualization (VServer) kernel. An unprivileged user could exploit this flaw to cause a denial-of-service (DoS) condition on the system by sending a large amount of TCP traffic to the virtual machine.
CVE-2018-0689 An issue was discovered in certain Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 6 Virtualization (VServer) configurations with an Unpatched Red Hat Enterprise Linux 7 Virtualization (VServer) kernel. An unprivileged user could exploit
Products Affected by the Issues
Cisco Identity Services Engine (ISE), Virtualization Server (VServer), and Cisco ASA Software
When using the “secure login” feature of Cisco ISE, an unauthenticated attacker could inject or manipulate X.509 certificates to impersonate users. When using the “secure transfer” feature of Cisco ISE, an unauthenticated attacker could decrypt confidential data.
What is VMware vSphere?
VMware vSphere is a cloud computing virtualization platform that provides a number of services including compute, storage and related software components.
Timeline
Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC