Dan Marin

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine (ISE) (affected versions not specified) Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (affected versions not specified) **Description** A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This issue is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object to an affected API. A successful exploit could allow the attacker to execute arbitrary commands on the device and elevate privileges. Note that to successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. It is estimated that over 45,000 organizations worldwide may be affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: PAN-OS (affected versions not specified) Description: A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker-controlled server. This attack requires network access to the firewall management interface. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** The issue is related to a lack of protection for the web page structure in the Cisco ISE web-based management interface, allowing for a potential cross-site scripting (XSS) attack. An authenticated, remote attacker could exploit this to conduct an XSS attack against a user of the web-based management interface of an affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) (affected versions not specified) **Description** A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. This issue is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Communications Manager (Unified CM) versions (affected versions not specified) Cisco Unified Communications Manager Session Management Edition (Unified CM SME) versions (affected versions not specified) **Description** A vulnerability in the web-based management interface of the affected software could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This issue exists because the software does not properly validate HTTP requests, such as those sent to `/api` endpoints, allowing an attacker to exploit the vulnerability by sending a crafted HTTP request. A successful exploit could allow the attacker to delete arbitrary files from the affected system. **Recommendations** For Cisco Unified Communications Manager (Unified CM), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Unified Communications Manager Session Management Edition (Unified CM SME), at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Communications Manager versions (affected versions not specified) Cisco Unified Communications Manager Session Management Edition versions (affected versions not specified) Cisco Unified Communications Manager IM & Presence Service versions (affected versions not specified) **Description** The issue exists due to insufficient file permission restrictions, allowing an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. An attacker could exploit this by sending a crafted command from the API to the application. The attacker would need valid user credentials to exploit this issue. **Recommendations** For Cisco Unified Communications Manager, restrict access to the database user privileges until a patch is available. For Cisco Unified Communications Manager Session Management Edition, consider disabling the API access to minimize the risk of exploitation. For Cisco Unified Communications Manager IM & Presence Service, avoid using the affected database user privileges in the API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager (affected versions not specified) **Description** A vulnerability in the web-based management interface of the affected systems could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This issue exists because the interface does not properly validate user-supplied input. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the attacker to execute arbitrary script code or access sensitive browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM) (affected versions not specified) **Description** The issue is related to the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network Manager (EPNM), where the interface does not properly validate user-supplied input. This could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The attacker could exploit this by persuading a user to click a crafted link, potentially allowing the execution of arbitrary script code in the context of the affected interface or access to sensitive, browser-based information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions earlier than 8.1.20 PAN-OS versions earlier than 9.0.14 PAN-OS versions earlier than 9.1.10 PAN-OS versions earlier than 10.0.2 **Description** A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. **Recommendations** For PAN-OS 8.1 versions earlier than 8.1.20, update to version 8.1.20 or later. For PAN-OS 9.0 versions earlier than 9.0.14, update to version 9.0.14 or later. For PAN-OS 9.1 versions earlier than 9.1.10, update to version 9.1.10 or later. For PAN-OS 10.0 versions earlier than 10.0.2, update to version 10.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions prior to 8.1.20 PAN-OS versions prior to 9.0.14 PAN-OS versions prior to 9.1.10 PAN-OS versions prior to 10.0.6 **Description** An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. **Recommendations** For PAN-OS versions prior to 8.1.20, update to version 8.1.20 or later. For PAN-OS versions prior to 9.0.14, update to version 9.0.14 or later. For PAN-OS versions prior to 9.1.10, update to version 9.1.10 or later. For PAN-OS versions prior to 10.0.6, update to version 10.0.6 or later.