Tag Archive for IOS

What’s Up with the Cisco XE Vulnerability

If you are using Cisco (CSCO) switches or routers that run on IOS XE software, you may be at risk of a serious security breach. A vulnerability (CVE-2023-20198) affecting the web user interface (UI) of IOS XE software has been actively exploited by cyber threat actors to take control of affected devices. This vulnerability allows an attacker to send malicious HTTP requests to the web UI and execute arbitrary commands with elevated privileges.

What is the Cisco IOS XE Vulnerability?

The Cisco IOS XE vulnerability is a command injection vulnerability that affects the web UI feature of IOS XE software. CERT Orange Cyberdefense discovered more than 34,500 IOS XE IPs compromised by the 10/10 vulnerability. The web UI is a web-based management interface that allows users to configure and monitor Cisco devices through a web browser. Cisco’s web UI feature is enabled by default on the base image and can be enabled or disabled through the command-line interface (CLI).

The vulnerability exists because the web UI does not properly validate the user input in the HTTP requests. An attacker can exploit this vulnerability by sending specially crafted HTTP requests to the web UI that contain malicious commands. These commands are then executed with root privileges on the underlying operating system. Root grants the attacker full control over the device.

The attacker does not need to authenticate to the web UI to exploit this vulnerability. What they need is access to the web UI through the network. This means that any device that has the web UI exposed to the internet or an untrusted network is vulnerable.

How Can This Vulnerability Impact Your Network?

The impact of this vulnerability depends on the role and configuration of the device in your network. An attacker who gains control of a Cisco device can use it to perform various malicious actions, such as:

  • Modify or delete the device configuration.
  • Install malware or backdoors on the device.
  • Redirect or intercept network traffic.
  • Launch attacks against other devices or networks.
  • Exfiltrate sensitive data from the device or network.

Depending on the device type and location, these actions can have serious consequences for your network. For example, an attacker who compromises a core switch or router can disrupt or manipulate the network traffic for a large segment of your network, affecting multiple services and users.

What Can You Do to Mitigate the Risk?

Cisco has released a patch for this vulnerability. However, Cisco has not patched some versions of IOS XE software. You can check if your device is affected and if there is a fixed version available by visiting the Cisco Security Advisory page. If there is a fixed version for your device, you should apply it as soon as possible.

However, if there is no fixed version for your device yet, or if you cannot apply it immediately, you should take some additional steps to protect your network from this vulnerability. Here are some recommendations:

  • Disable the web UI feature on your device if you do not need it. You can do this by using the `no ip http server` and `no ip http secure-server` commands in the CLI.
  • Restrict access to the web UI feature by using access control lists (ACLs) or firewall rules. You should only allow trusted IP addresses or networks to access the web UI. You should also block any unauthorized or external access.
  • Monitor your network for any suspicious activity. You should use network security tools such as intrusion detection systems (IDS), intrusion prevention systems (IPS), or security information and event management (SIEM) systems to detect and respond to any potential attacks.
  • Report any information or evidence related to this vulnerability to CISA and Cisco to help them investigate and mitigate this threat.

How Can You Check If Your Device Is Affected?

To check if your device is affected by this vulnerability, you need to verify two things: the version of IOS XE software running on your device, and the status of the web UI feature on your device.

Check the version. Check the version of IOS XE software running on your device by using the `show version` command in the CLI. You should compare the output with the list of affected and fixed versions provided by Cisco in the security advisory.

Check the status of the web UI. To do this, use the `show ip http server status` and `show ip http secure-server status` commands in the CLI. You should look for any output that indicates that the web UI feature is enabled or listening on any port.

If your device is running an affected version of IOS XE software and has the web UI feature enabled, you should consider it vulnerable and take immediate action to protect it.
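An added example (not from the original post or from Cisco): a Python check over saved `show running-config` text that reports whether the web UI commands named above are present and whether an `ip http access-class` restriction is configured. The device names, configs and version string are constructed samples; a config that states neither form of the commands returns CHECK_DEVICE so that you confirm on the device with the status commands.

```python
import re

# Constructed sample configs (not captured from real devices).
SAMPLE_CONFIGS = {
    "edge-rtr-1": """\
hostname edge-rtr-1
ip http server
ip http secure-server
""",
    "core-sw-1": """\
hostname core-sw-1
no ip http server
no ip http secure-server
""",
    "branch-rtr-2": """\
hostname branch-rtr-2
no ip http server
ip http secure-server
ip http access-class ipv4 MGMT-ONLY
ip access-list standard MGMT-ONLY
 permit 10.0.0.0 0.0.0.255
""",
    "lab-sw-3": """\
hostname lab-sw-3
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
""",
}

# Constructed sample of the version line printed by `show version`.
SAMPLE_SHOW_VERSION = "Cisco IOS XE Software, Version 17.03.04a\n"


def ios_xe_version(show_version_text):
    """Return the IOS XE version string from `show version` output, or None.

    The result still has to be compared by hand with the affected and fixed
    releases listed in Cisco's advisory; no release list is embedded here.
    """
    m = re.search(r"Cisco IOS XE Software, Version (\S+)", show_version_text)
    return m.group(1) if m else None


def _state(lines, command):
    """Classify one command as enabled, disabled, or not stated in the config."""
    if f"no {command}" in lines:
        return "disabled"
    if command in lines:
        return "enabled"
    return "not stated"


def audit_config(config_text):
    """Report web UI status from saved running-config text."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    http = _state(lines, "ip http server")
    https = _state(lines, "ip http secure-server")
    # An access-class line only shows that a restriction exists; the ACL
    # itself still needs review to confirm it admits trusted sources only.
    acl = [ln for ln in lines if ln.startswith("ip http access-class ")]
    states = {http, https}
    if "enabled" in states:
        verdict = "ENABLED_RESTRICTED" if acl else "ENABLED_UNRESTRICTED"
    elif states == {"disabled"}:
        verdict = "DISABLED"
    else:
        # Neither form is present for at least one server: confirm on the
        # device with `show ip http server status`.
        verdict = "CHECK_DEVICE"
    return {"http": http, "https": https, "acl": acl, "verdict": verdict}


if __name__ == "__main__":
    print("version:", ios_xe_version(SAMPLE_SHOW_VERSION))
    for name, cfg in SAMPLE_CONFIGS.items():
        r = audit_config(cfg)
        print(f"{name:14} http={r['http']:10} https={r['https']:10} {r['verdict']}")
```
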

The vulnerability is evolving

On 10/18/2023 threat intelligencer Censys found over 40,000 vulnerable devices. On 10/21/2023 ONYPHE said its scanning found 1,214 unique compromised IP addresses. That is a 97% decrease nearly overnight. There are a number of possible explanations for the rapid decline. Some have argued that the attack is evolving. CERT Orange Cyberdefense speculated it is “a potential trace cleaning step is underway [by the threat actor] to hide the implant.”

rb-

The Cisco IOS XE vulnerability is a serious security issue that affects many Cisco devices running on IOS XE software. You should patch your device as soon as possible because the attackers are evolving the exploit. The ability to hide the exploit will make this a long-term problem on many networks.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

8 Hacks to Reduce Your Cell Phone Bill

Are you spending too much on your cell phone bill? The average cell phone bill for a family of four on unlimited data can reach up to $2,670 a year. One of the reasons your cell phone bill is so high is the data plan. All those video chats, streaming services, and data-hungry apps mean you are using a lot of data on your cell phone. Statista says that the average smartphone user will use almost 9GB of data per month in 2021. All this cellular data usage comes with unexpected overage bills, too. No one likes sky-high cell phone bills. Here are some easy-to-follow tips to help you find ways to reduce your data use and reduce your cell phone bill.

The first step to reduce your cellphone bill is to know what you really need. Research says that 66% of Americans with unlimited cell phone plans consume less than 10 gigabytes of cell phone data monthly. These cell phone users could reduce their cell phone bill by an average of $268.44 a year without running out of cell phone data.

Wi-Fi helps you reduce your cell phone bill

Consistently connecting to Wi-Fi networks will reduce the amount of cellular data you use, and reduce your cell phone bill. This is important because watching a Netflix movie while using cellular data will eat up anywhere between 1GB and 3GB per hour. Wireless carriers divert cellular traffic to Wi-Fi to save money – so should you. Here are some tricks to reduce your cell phone bill.

1 – Turn on Wi-Fi – Make sure your Wi-Fi settings are turned on, and you are connected to an available Wi-Fi network.

2 – Turn off Wi-Fi Assist (iOS) and Smart Network Switch (some Android models). These built-in settings try to boost a spotty or slow Wi-Fi connection by using your cellular connection. These settings can use a lot of data.

  • Android devices, go to Settings > Connections > Wi-Fi. Tap the three dots, select Advanced, and tap the slider for “Switch to mobile data.”
  • Apple devices, go to Settings > Cellular or Settings > Mobile Data. Then scroll down and tap the slider for Wi-Fi Assist.

Limit your data usage

3 – Cap your monthly data usage – Android has a built-in feature that allows you to limit your cellular data to a set amount based on your billing cycle. Here’s how to set that up:

  • Go to Settings > Network & internet > Data usage > Data warning & limit (or Data limit & billing cycle) to set the maximum amount of data you want to use for the month.
  • Or, tap “App data usage cycle” to set the first day of your billing cycle.

Apple devices don’t include the same built-in feature to restrict your data usage. To keep an eye on your cellular data use on your Apple iOS device go to:

  • Settings > Cellular or Settings > Mobile Data. (On an iPad, it may be Settings > Cellular Data)
  • You can also reset your data usage for the “Current Period” here every month so you know how much you’re using each billing cycle.

4 – Update apps over Wi-Fi only – If your apps are set to update automatically, they may be draining your data over a cellular network.  You can set your device to update apps over Wi-Fi only to reduce your cellphone bill. Once you do that, the apps will only update and use data when you’re connected to Wi-Fi.

  • Android, go to the Play Store and tap Menu > Settings > Auto-update apps, then select “Auto-update apps over Wi-Fi only.”
  • iOS, go to Settings > App Store > scroll to “Cellular Data” and toggle “Automatic Downloads” to the off position.

Disable background app data

5 – Disable app data in the background – Some apps will continue to gather data in the background while you’re not using your phone. This may be a good feature for a news app, but not every app needs this feature. To turn this feature off for your apps:

  • Android, go to Settings > Data Usage to see which apps are using the most data. Tap on the app you’d like to restrict and disable background data.
  • iOS, go to Settings > General > Background App Refresh. Here, you can choose whether you want this feature on or off completely, or just WiFi only. You can also toggle this on and off for individual apps.

6 – Disable display ads for your browser. Display ads auto-play videos that stream to your phone, so if you have a browser that helps you disable these ads, you save plenty of data and reduce your cell phone bill.

Turn off your phone

7 – Turn off your phone while asleep. It is likely that throughout the night, data will be used on the phone, especially if applications are running. You could save a lot of data and money over time by trying out this hack.

8 – Compress your updates. There are applications that can make your data usage around 5 times more efficient by compressing it. Take a look at the apps.

The downside, however, is that the company will be aware of the data you’re accessing. It all depends on if that is a price you’re willing to pay.

rb-

If these hacks fail to reduce your cell phone bill, you have the option to change to a plan with a data limit in order to reduce your cell phone bill.

Stay safe out there!


What You Need to Know About Blue Light on Your Screens

CNN reports that Americans spent up to seven hours and 22 minutes on screens each day in 2019, not including screens used for school work.  That was before the pandemic, which pushed people’s social lives onto Zoom video chats.  There are risks in all that screen time.  One common concern is the blue light that emanates from digital devices.

All visible light falls on a color spectrum based on the wavelength frequency and energy levels each color produces.  Blue light is a short wavelength, high-energy, visible (HEV) light.  Darker colors, like blue, are the closest to more dangerous UV wavelengths and strength.  Lighter colors, like red, are on the opposite end of the spectrum, with longer wavelengths and lower energy levels.

Blue light can be harmful.

Blue light can be harmful, like too much salt in our diet.  Our bodies are naturally adept at absorbing and dealing with blue light exposure, but too much can be harmful.

We are surrounded by blue light in our natural environment our whole life.  We tend to only worry about blue light coming from display screens.  It also comes from:

  • Naturally, from the sun,
  • Fluorescent lights, and
  • LED light bulbs.

Most computer monitors, cell phone screens, and flat-screen TVs are additional sources of blue light.  HP explains this is because white light LEDs combine with blue LEDs to create a solid-state light that uses significantly less energy and power than alternative light sources, making it ideal for electronic devices.  These digital devices cause excess blue light exposure, and there are concerns.

Our skin doesn’t have much of a problem dealing with blue light, but our eyes don’t have the same level of adaptation.  Because the wavelength of blue light is short and powerful, it can penetrate past the cornea to reach the retina, which is the most light-sensitive part of your eye.

Digital eye strain

One of the most common side effects of blue light exposure is digital eye strain, also known as computer vision syndrome.  It is caused by staring at a computer screen for too long and may lead to dry, sore, red eyes and blurred vision.  HP warns that with prolonged exposure, blue light can harm your eyes and lead to macular degeneration.

You can take some easy steps to avoid permanent damage to your eyesight.  Here are several suggestions to control your blue light exposure.  Our bodies are naturally conditioned and programmed to fall asleep when it gets dark and wake up when exposed to light.  Harvard Medical School found that it is essential to limit your screen time because blue light suppresses melatonin for about twice as long as green light and shifts circadian rhythms by twice as much.

The same Harvard study found that green light may be as hard on your eyes as blue light.  The researchers warn that the two lights are similar in strength, and there are few remedies for green light exposure.  Limiting screen time, even if you use a blue light filter, is important.

It’s not just blue light that can affect your vision.  As we age, the lens inside our eye can lose flexibility, resulting in the inability to change focus from far to near.  Regular comprehensive eye exams are important to maintaining eye health, no matter how much time you spend in front of screens.

If you already have prescription glasses, move to multi-focal lenses and have your optometrist add a blue light filter.  If not, “cheaters” from the drugstore may be enough—for a while. 

Blinking

Blinking is our body’s natural defense.  It lubricates and cleans our eyes.  Typically, we blink 10 to 20 times per minute.  However, studies have shown that our blink rate drops when we concentrate.  We only blink 3 to 8 times per minute when reading, watching TV, or looking at a computer screen.  Dry eyes are irritated eyes. 

Take time to rest your eyes every 20 minutes.  Look away from the computer and focus on something distant—like out a window.

  1. Close your eyes gently,
  2. Squeeze and hold them shut for a moment,
  3. Open and relax them.

Remember to blink more often in between, and when you are thinking, instead of squinting at the screen, turn away and blink a few times. 

A blue light filter can be a physical barrier or an application that blocks out blue light.  Physical blue light filters block short, high-frequency waves and allow long, low-frequency ones.  HP says physical blue light screen filters are the easiest and best way to reduce your blue light exposure.  Some are just a clear piece of plastic material that covers your monitor. 

Blue light filtering glasses

Wearing blue light-filtering glasses for 3 to 4 hours before bedtime is the easiest way to keep your melatonin levels in check and your retinas protected.  An inexpensive over-the-counter pair online can cost $10.00 and up to $80.00.  The original Blue Blockers cost $19.95 back in the day.

Many prescription and over-the-counter cheaters have blue light filters in the lenses.  However, if you regularly wear prescription glasses, investing in a physical blue light filter may be a waste of money.

Windows 10

You can also reduce your blue light exposure by adding an app to many of your digital devices.  Microsoft (MSFT) Windows 10 has a built-in Night Light feature to control blue light.  To use Windows 10’s app:

  1. Click the Start button,
  2. Go to Settings,
  3. System,
  4. Display,
  5. Toggle the Night light switch to turn the feature on.
  6. Click the link for Night light settings where you can:
    • Set a schedule that controls the lighting on your computer screen,
    • Setting the screen temperature allows you to adjust the levels of blue light reduction.  Warmer colors filter out more blue light—experiment with settings to see what works best for you.

Apple

If you are an Apple (AAPL) Mac user, Apple’s built-in blue light filter app Night Shift requires macOS Sierra 10.12.4 and specific systems.  If you can, follow these steps to enable Night Shift:

  1. Choose the Apple menu,
  2. System Preferences,
  3. then click Displays,
  4. Click the Night Shift tab.

On your Apple iPhone or iPad, go to

  1. Settings,
  2. Display & Brightness,
  3. Tap the Night Shift setting. 

As with all things Google (GOOG) Android, the availability of a built-in blue light filter depends on your specific device and version of Android.  To see if this feature is on your Android device, go to:

  1. Settings,
  2. Display,
  3. Look for an option for a Night Light or Blue Light filter. 

If your Android does not have a blue light filter, consider using Grayscale mode, an accessibility setting for most smartphones.

F.lux is a popular third-party blue light filter application with versions for Windows, Apple, Linux, and the Philips Hue lighting system.

rb-

Please be aware that all these blue light blocker apps require you to turn on Location Services to get the automatic schedule.

Blue light-blocking apps can diminish the quality of your viewing experience.  HP says that compared to blue light filter applications and physical blue light blockers, physical devices diminish picture quality and color far less than apps.

Try one of these solutions to save yourself the discomfort and strain caused by blue light.

Stay safe out there!


COVID On Your Cell Phone

Amid the chaos of the COVID-19 lock-down, one of your only allies in the social distancing campaign is your cell phone. Right? After all, everybody is attached to their mobile phone. In fact, research has shown that millennials check their phones 150 times a day (PDF). Why do we check our cell phones so much?

Researchers from the University of Illinois found in a recent study that 37% of women and 30% of men walking down the street have a smartphone in their hand. In their paper The Phone Walkers: A study of human dependence on inactive mobile devices, UofI researchers Laura Schaposnik and James Unwin propose four plausible reasons that pedestrians practice this behavior.

Appeasement – The first proposal is that we need immediate access to our phones now because so much of our social lives exist on the phone. In particular, research suggests that people in romantic relationships expect to be texted back within five minutes. We keep our phones out to appease partners.

Anxiety – The researchers’ next hypothesis was that we might be psychologically dependent on these phones to the point that we have anxiety if we’re separated from them. The researchers write, “… the simple manipulation of the object could lead to a corresponding decrease in tension or anxiety ….”

Safety – Personal safety is another distinct possibility. Research has found that technology gives young people confidence when facing the potential dangers of crime in a public place. The UofI team says we “..may hold their phones both for personal reassurance against perceived threats and as a visible warning sign to potential assailants.”

The peacock effect – We might want to impress a possible partner with our fancy phones. The researchers compared the phenomenon to “displays of affluence by wearing designer fashion clothes or jewelry … to enhance or affirm a person’s social standing and to attract a suitable mate.”

We are addicted to our cell phones, so what? I have covered the germiness of mobiles on the Bach Seat before. But in the wake of recent events, I checked on current thinking and found that COVID-19 is probably on your mobile. German researchers reported (PDF) in the Journal of Hospital Infection that Coronaviruses can live on inanimate surfaces like metal, glass, or plastic, and remain infectious “from 2 hours up to 9 days.”

Lead researcher Günter Kampf, M.D., an associate professor at the University of Greifswald, reported that a good strategy for surface disinfection is with a solution that contains 0.1% sodium hypochlorite or 62 to 71% ethanol. Either of these “significantly reduces coronavirus infectivity on surfaces within 1 min exposure time.”

Charles Gerba, Ph.D., professor of microbiology and immunology at The University of Arizona, told Mens Health:

…What we found … in office buildings is that you touch a surface with a virus on it and then you place it on your cell phone.” (A door handle, for example.) … You then go home or to another location and you touch your phone again and touch a table moving it to another location—great way to spread viruses around an office.

Dr. Kampf warns, “Check with the manufacturer. First, it should be effective against coronavirus … Second, not all disinfectants are compatible with the material of the smartphone surface.”

Professor Gerba recommends an alcohol wipe or a microfiber cloth. “I would do it every time I have been out in public,” he says.

rb-

To safely clean your mobile:


Whats Up With Cisco?

What is up with Cisco? Their fiscal results for 2017 Q3 showed revenue of $11.9 billion, a 1% decline in revenue, compared to last year. This is the 6th consecutive down quarter. The networking goliath also issued downward guidance for 2017 Q4. They estimated a revenue decline of 4-6% year-over-year.

On the earnings call, Cisco CEO Chuck Robbins blamed several factors for the lower guidance. He cited:

  • “A pretty significant stall right now” in the U.S. federal public sector.
  • Service provider revenues were down in Mexico.
  • United Kingdom business is being dampened by currency issues.
  • Middle East, there is “pressure… relative to oil prices.”

Cisco layoffs

Then there are the layoffs. Cisco buried the announcement in a footnote in the company’s SEC 8-K report that 1,100 more layoffs are coming. That is on top of the 5,500 announced in August 2016.

In May 2017, we extended the restructuring plan to include an additional 1,100 employees with $150 million of estimated additional pretax charges.

According to SDXCentral, the Cisco CEO stressed several times on the earnings call that the company is transitioning to more software and subscription-based business. He declared,

I am pleased with the progress we are making on the multi-year transformation of our business.

These weak financial results and the move to a subscription-based business have fed speculation about the future Cisco business model. TechTarget speculates that Cisco may go so far as to separate the Network Operating System (NOS) from the hardware. They contend the move would be a dramatic departure from Cisco’s traditional business model of bundling high-margin hardware with its NOS. The author believes that market trends will likely force the vendor to release an open NOS.

Open NOS

TechTarget cites reports from The Information that a hardware-independent NOS called Lindt is coming. Reportedly Lindt will run on a white box powered by merchant silicon. According to the article, a number of market trends are driving the move to a hardware-independent NOS.

The first market trend forcing Cisco’s hand is the company’s declining dominance of the Ethernet switch market. Since 2011, the company’s share has dropped from 75% to less than 60% last year, according to the financial research site Trefis. The decline is important to Cisco’s bottom line. Switches accounted for 40% of Cisco’s product sales in 2016, 30% of net revenues, and 20% of the company’s $162 billion valuation.

Cisco’s weakening performance in switching is tied to the second market trend forcing Cisco to release a hardware-independent NOS. Its customers are turning to public cloud providers, Amazon (AMZN) Web Services, Microsoft (MSFT) Azure, and IBM (IBM) SoftLayer, for their IT infrastructure. The more enterprises subscribe to infrastructure as a service, the less networking gear they need in their data centers.

Cloud computing

The shift to cloud providers is found in the latest numbers from Synergy Research Group. Revenue from public cloud infrastructure services is growing at almost 50% a year. In the fourth quarter of last year, revenues topped $7 billion.

The third market trend forcing Cisco to a hardware-independent NOS is that enterprises that were Cisco’s largest customers are now competitors. Enterprises and cloud providers are building open networking hardware and software to replace inflexible proprietary systems that lock them in. Those companies include large financial institutions, like Bank of America, Goldman Sachs, and Fidelity Investments, as well as communication service providers AT&T (T), Deutsche Telekom, and Verizon (VZ).

The technology shift is driving an enormous amount of spending on IT infrastructure. Worldwide spending on public and private cloud environments will increase 15% this year from 2016 to $42 billion, according to IDC. Meanwhile, spending in Cisco’s core market of traditional infrastructure for non-cloud data centers will fall by 5%.

White boxes

While Cisco is ignoring the trend away from proprietary hardware, the article says Cisco’s rivals are embracing it. Juniper (JNPR) and Arista (ANET) have released versions of their NOS for white boxes favored by cloud providers and large enterprises. Both companies reported year-to-year revenue growth in switching last year. Even Cisco’s patent lawsuit against upstart Arista was set back by the courts.

Rohit Mehra, an analyst at IDC, hypothesized that Cisco’s resistance to change is likely due to fear that giving customers other hardware options would accelerate declining sales in switching. “There would be potentially some risk of cannibalization in the enterprise space,” he added.

Cisco insists its customers are not interested in buying networking software that’s separate from the underlying switch. The Cisco spokesperson told TechTarget:

The vast majority of our customers see tremendous value in the power and efficiency of Cisco’s integrated network platforms, and the tight integration of hardware and software will continue to be the basis of the networking solutions we offer our customers

TechTarget adds that Cisco doesn’t say the article is wrong. Instead, the company falls back on a corporate cliché for refusing to discuss a media report. “We don’t comment on rumor or speculation,” a Cisco spokesperson said.

The networking market is evolving away from the hardware that Cisco depends on for much of its valuation. Cisco will resist changing its market approach for as long as possible. But in the end, the company will have to become a part of the trend with an open NOS capable of running on whatever hardware the customer chooses.

Cisco’s own problems

Rather than change its model for selling networking gear, Cisco has spent billions of dollars on acquisitions over the last few years to create software and subscription-based businesses in security and analytics. But Cisco’s software push has yet to pay off with 5 consecutive down quarters.

Finally, Cisco just recently patched a flaw in IOS software that affected more than 300 models of its switches. Despite issuing an advisory on March 17, Cisco did not release the patch for this vulnerability until May 8, 2017. The Cisco vulnerability was part of the Vault 7 WikiLeaks dump of alleged CIA hacking tools.

The vulnerability, rated a critical 9.8 out of 10 by the Common Vulnerability Scoring System, is in the Cluster Management Protocol, or CMP. It could allow a remote, unauthenticated attacker to reload devices or execute code with elevated privileges. This vulnerability can be exploited during Telnet session negotiation over either IPv4 or IPv6.
