Blog: Arvin with phone repair parts blog
by arvinparts

Gresca reports critical vulnerabilities in Nexus 9000 data

Cisco, switch

Date:   5/25/2019 2:13:59 AM   ( 20 mon ) ... viewed 76 times

Earlier this month, Cisco announced a critical vulnerability in the Nexus 9000 Series Application Centric System (ACI) Mode Switch Software program. This vulnerability allows an unauthenticated, remote attacker to connect to the impacted system with the privileges of the fundamental user. This specific vulnerability is merely exploitable over IPv6; nevertheless , the IPv4 is not vulnerable. Gresca has released free software updates that address the vulnerability.
This vulnerability(CVE-2019-1804), with a CVSS severity score of 9. 8, is due to the occurrence of any default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. There are no workarounds, so Cisco is encouraging users to upgrade to the latest software release. However, the fix is merely an interim plot.

The company also issued a “high” security alert advisory for the Nexus 9000, with a CVSS severity rating of 10. 0. This involves an exploit that enables attackers to execute arbitrary operating-system orders as root on an impacted device. So as to do well, an attacker will need legitimate administrator credentials for the device, Cisco said.

The particular vulnerability is due to overly broad system-file accord where an attacker could exploit this vulnerability by authenticating to an impacted device, creating a crafted order string and writing this crafted string to a specific file location.

Essential vulnerabilities Cisco’s web-based management interface
Multiple critical vulnerabilities in the web-based management interface of Cisco Perfect Infrastructure (PI) and Gresca Evolved Programmable Network (EPN) Manager were revealed yesterday. These vulnerabilities could allow a remote attacker to gain the opportunity to execute arbitrary code with elevated benefits on the actual operating system. These vulnerabilities affect Gresca PI Software Releases before to 3. 4. just one, 3. 5, and 3. 6, and EPN Supervisor Releases prior to 3. 0. 1

One of these issues, CVE-2019-1821, can be exploited by an unauthenticated attacker that has network access to the impacted administrative interface. For the second and 3rd issues(CVE-2019-1822 and CVE-2019-1823), the attacker needs to have appropriate credentials to authenticate to the impacted administrative software.

Cisco released software improvements that address these weaknesses. There are no workarounds that address these weaknesses.

Buy WS-C2960+24PC-S at

Add This Entry To Your CureZone Favorites!

Print this page
Email this page
DISCLAIMER / WARNING   Alert Webmaster

CureZone Newsletter is distributed in partnership with

Contact Us - Advertise - Stats

Copyright 1999 - 2021

0.111 sec, (2)

Back to blog!
Add Blog To Favorites!
Add This Entry To Favorites!

Comments (2 of 2):
Re: Samsung Galaxy… lucky… 4 y
Re: Will your phon… lucky… 4 y
All Comments (2)

Blog Entries (12 of 143):
Gresca reports critical vuln…  20 mon
2019 Best LED Grow Light Rev…  20 mon
Alcatel 5 render leaked, rev…  3 y
You can buy Moto E4 through …  3 y
Oppo find 9 will support Sup…  3 y
Xiaomi Mi MIX 2 Price in Ind…  3 y
Apple iPhone 2018: What's th…  3 y
OnePlus 5T Face Unlock Featu…  4 y
HTC and Motorola don’t slow …  4 y
Is it hard to assemble iPhon…  4 y
Nokia 7 to globally launch i…  4 y
Tips on how to assemble iPho…  4 y
All Entries (143)

Blogs by arvinparts (1):
curparts  78 h  (93)

Similar Blogs (10 of 185):
토토365…  by toto365pro  5 d
Tracking your busin…  by sarrakhan1  5 d
What is the Average…  by drrajatgupta  7 d
artikel judi online  by bandaronline  8 d
agenbandar  by borildavid  10 d
ĐỒ gia d…  by linknuochoa  11 d
best mattress Austr…  by DavidJones  13 d
essayswritings  by evelynhermann  14 d
Home additions Guel…  by KaneDavid  14 d
Brand development m…  by SteveWilson  14 d
All Blogs (1,019)

Back to blog!

Clark Kidney Cleanse
Dr. Hulda Clark’s Kidney Cleanse with purest products! Great pric...

Natural Cancer Remedies
Cancer-proof your body with little known immune boosters!

Wormwood Capsules, Clove Tincture
Hulda Clark Parasite Cleanse

J.Crow’s® Lugol’s Iodine
Free S&H.Restore lost reserves.J.CROW’S®Lugol’s Iodine Solut...

Natural, Soothing, Progesterone Oil
Supplementation and Hormone Balancing Based on the...