Rewterz

Rewterz Threat Alert – Sea Turtle Adopts New DNS Hijacking Techniques

July 18, 2019
Rewterz

Rewterz Threat Advisory – CVE-2019-1784 – Cisco NX-OS Software Command Injection Vulnerability

July 18, 2019

Rewterz Threat Advisory – CVE-2019-1917 – Cisco Vision Dynamic Signage Director REST API Authentication Bypass Vulnerability

Severity

High

Analysis Summary

The vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary actions through the REST API with administrative privileges on the affected system.

Impact

Privilege access

Affected Vendors

Cisco

Affected Products

Cisco Vision Dynamic Signage Director

Remediation

Please see vendor’s advisory for more details

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-cvdsd-wmauth

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.