Connection Hijacking Vulnerability - Huawei
A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the RAVPN service.
Due to the lack of a reverse address check and TCP connection tracing, attackers on the same LAN as the victim device who successfully exploit this vulnerability can hijack TCP sessions and connections and inject forged messages. Successful exploitation of this vulnerability may cause DoS or information leakage on the victim device.
The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the Huawei security advisory and apply the recommended mitigations.