Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities (w…

…agov#506) * Cisco Expressway Advisory * Format markdown files * Update 20240208003-Cisco-Expressway-Series-Cross_Site-Request-Forgery.md changing of links * Format markdown files --------- Co-authored-by: GitHub Actions <actions@github.com> Co-authored-by: Joshua Hitchen (DGov) <86041569+DGovEnterprise@users.noreply.github.com>
LSerki · Feb 8, 2024 · f799ec2 · f799ec2
1 parent 7dc66a2
commit f799ec2
Showing 1 changed file with 25 additions and 0 deletions.
diff --git a/docs/advisories/20240208003-Cisco-Expressway-Series-Cross_Site-Request-Forgery.md b/docs/advisories/20240208003-Cisco-Expressway-Series-Cross_Site-Request-Forgery.md
@@ -0,0 +1,25 @@
+# Cisco Expressway Series Cross-Site Request Forgery Vulnerabilities - 20240208003
+
+## Overview
+
+Cisco has released a security advisory relating to multiple vulnerabilities for their Cisco Expressway product that could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks and perform arbitrary actions on an affected device.
+
+## What is vulnerable?
+
+| Product(s) Affected                                                   | Summary | Severity                                                                                                                                                                       | CVSS |
+| --------------------------------------------------------------------- | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---- |
+| **[CVE-2024-20252](https://nvd.nist.gov/vuln/detail/CVE-2024-20252)** |         | **[CRITICAL](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-20252&vector=AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H&version=3.1&source=Cisco%20Systems,%20Inc.)** | 9.6  |
+| **[CVE-2024-20254](https://nvd.nist.gov/vuln/detail/CVE-2024-20254)** |         | **[CRITICAL](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-20254&vector=AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H&version=3.1&source=Cisco%20Systems,%20Inc.)** | 9.6  |
+| **[CVE-2024-20255](https://nvd.nist.gov/vuln/detail/CVE-2024-20255)** |         | **[HIGH](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2024-20255&vector=AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:L&version=3.1&source=Cisco%20Systems,%20Inc.)**     | 8.2  |
+
+## What has been observed?
+
+There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
+
+## Recommendation
+
+The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month...* (refer [Patch Management](../guidelines/patch-management.md)):
+
+## Additional References
+
+- [Cisco Security Advisory(cisco.com)](https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-KnnZDMj3)