Tech titan discloses new vulnerabilities

A couple of new vulnerabilities starts hovering over the cyber world where the users run the risk of losing crucial information, data and their accounts might be compromised. 

In its recent disclosures, Cisco has named four vulnerabilities where the hackers even could tamper the database apart from pilfering the information and compromising the accounts. 

In a bid to keep the impending danger at bay, the top tech titan has released a slew of guidelines saying that these might strike the Policy Suit to enable the hackers to affect the software’s database. 

According to Cisco which calls CVE-2018-0374, the first one vulnerability might give the hackers a direct access to the policy builder database. 

Hackers find it very easy to attack in the database since nothing is required to verify an identity. 

The next vulnerability stems from a default password error which Cisco terms CVE-2018-0375 and it allows the remote hackers an unlimited access to log into a system with the help of a root account. 

The tech giant spotted it in the Cluster Manager of Cisco Policy Suite. Identified as CVE-2018-0376, the third one, precisely, stems from the absence of authentication measures. 

It might allow a hacker to change in the existing repositories to put in place a new one. The fourth and last one is CVE-2018-0377 which allows the attackers to take control of the Open Systems Gateway initiative (OSGi) interface. 

Cisco experts say it allows the hackers to affect the security processes. Further it allows the attackers to connect to the interface with access to any files. 

Cisco, recently, has issued patches to counter the these bugs disclosing that nobody has so far been able to exploit these vulnerabilities.

from E Hacking News - Latest Hacker News and IT Security News https://ift.tt/2mxxsje