Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. References: Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability cisco-sa-20180620-nxos-bo Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary...
Read More
Description: Intel has released recommendations to address a vulnerability—dubbed Lazy FP state restore—affecting Intel Core-based microprocessors. System software may utilize the Lazy FP state restore technique to delay the restoring of state until an instruction operating on that state is actually executed by the new process. Systems using Intel® Core-based microprocessors may potentially allow a local process to infer data utilizing Lazy FP state restore...
Read More
Description: Cisco has released updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Mitigation: Cisco has released software updates that address this vulnerability. Please see the references or vendor advisory for more information. Reference URL’s: Digital Network Architecture Center Static Credentials Vulnerability cisco-sa-20180516-dnac Digital Network Architecture Center Authentication Bypass Vulnerability cisco-sa-20180516-dna2 Digital Network...
Read More
Description: Red Hat has released security updates to address a vulnerability in its Dynamic Host Configuration Protocol (DHCP) client packages for Red Hat Enterprise Linux 6 and 7. Impact: An attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://bugzilla.redhat.com/show_bug.cgi?id=1567974 https://access.redhat.com/security/cve/cve-2018-1111 https://access.redhat.com/security/vulnerabilities/3442151
Description: Multiple vulnerabilities have been discovered in Mozilla Firefox and Firefox Extended Support Release (ESR), the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Impact: Successful exploitation of the most severe of these vulnerabilities could...
Read More
