Reading:
Cisco Released Patches for Vulnerabilities Affecting Several Products

Cisco Released Patches for Vulnerabilities Affecting Several Products

September 8, 2022

Three security issues impacting Cisco products were patched on Wednesday, including a high-severity vulnerability discovered in NVIDIA Data Plane Development Kit (MLNX DPDK) last month. 

The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network stack of DPDK, which enables a remote attacker to cause a denial-of-service (DoS) scenario and affects data integrity and confidentiality. 

A framework and standard API for high-speed networking applications are provided by the DPDK, which is a set of libraries and optimized network interface card (NIC) drivers for fast packet processing. 

Cisco Products Affected by CVE-2022-28199 

Cisco stated it looked into its product line and found the following services were impacted by the bug:

Product

Fixed Release

Cisco Catalyst 8000V Edge Software

17.6.4 
17.7.2 
17.9.1 and later 
Note: Only the 17.6, 17.7, and 17.8 versions are affected.

Adaptive Security Virtual Appliance (ASAv)

9.17.1.x (release date TBD) 
9.18.2 
9.19.x and later 
Note: Only the 9.17 and 9.18 versions are affected.

Secure Firewall Threat Defense Virtual (formerly FTDv)

7.1.0.3-x (release date TBD)  
7.2.1.x (release date TBD)  
7.3.x and later  
Note: Only the 7.1 and 7.2 versions are affected.

Cisco has also fixed a flaw identified as CVE-2022-20696 (CVSS 7.5) in Cisco SD-WAN vManage Software. The vulnerability could provide an unauthenticated attacker that already has access to VPN0 logical network with access to the messaging service ports. If the attack is successful, the attacker may be able to view and inject messages to force a reload or alter configurations. 

Another fix was issued for a flaw in the messaging interface of the Cisco Webex App. CVE-2022-20863 vulnerability was caused due to improper character rendering that could allow an unauthenticated remote attacker to alter links and content to initiate phishing attacks. 

Auth Bypass Flaw Will Not Be Fixed 

Cisco additionally provided information about an authentication bypass flaw (CVE-2022-20923) that could lead to an attacker obtaining administrator-level privileges. CVE-2022-20923 affects devices that are configured to have IPSec VPN Server enabled. 

Cisco explained there would be no patches for this flaw due to impacted products (RV110W, RV130, RV130W, and RV215W Routers) reaching end-of-life. The vulnerability is not critical, but it is recommended to migrate to a supported router series.