Network Computing is part of the Informa Tech Division of Informa PLC

Cisco Patches Several CS-MARS Vulnerabilities

Cisco has reported multiple vulnerabilities in its Cisco Security Monitoring, Analysis and Response System (CS-MARS) appliances that could allow remote attackers to gain unauthorized access to the appliance and view sensitive data.

The CS-MARS appliance monitors multiple network devices for security problems by examining configurations on routers and switches, and it also enables companies to verify the security of their infrastructure against pre-defined security checklists.

Cisco issued a security advisory Wednesday and has made fixes available for the flaws, which affect CS-MARS appliances prior to version 4.2.1.

CS-MARS includes a JBoss web application server that could allow an unauthenticated attacker to log in remotely and send specially crafted HTTP requests to the CS-MARS appliance. Those requests would let the attacker execute commands on the appliance with administrator privileges, Cisco said.

Security researcher Jon Hart posted a proof of concept for the JBoss flaw to the Full-Disclosure security mailing list Wednesday. In his post, Hart cited issues with JBoss version 3.2.7, which ships with CS-MARS, as well as a lack of security in the JMX console, which provides a view into the microkernel of the JBoss application server.
