The Cisco guidance mentions that access lists are probably effective: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z
"We assess with high confidence, based on further understanding of the exploit, that access lists applied to the HTTP Server feature to restrict access from untrusted hosts and networks are an effective mitigation."

Is there a better way of restricting access to management interfaces of an L3 switch, say to certain VRFs or interfaces?

All the best
David

________________________________
From: uknof <[email protected]> on behalf of Chris Russell <[email protected]>
Sent: 17 October 2023 12:39
To: [email protected] <[email protected]>
Subject: Re: [uknof] actively exploited cisco 0 day with maximum 10 severity gives full network control

On Tue, Oct 17, 2023 at 12:34 PM Brandon Butterworth <[email protected]> wrote:
> Given cisco sneaky turning stuff on there is scope for surprise

Wise words.

Chris
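An added example, not part of the original thread or of Cisco's advisory: a small Python check over saved `show running-config` text that reports whether the HTTP(S) server is explicitly enabled and whether an access list is applied to it, as the quoted mitigation describes. The sample configs, the ACL name `MGMT-HOSTS` and the function name are constructed for illustration; the check reads only explicit config lines and does not judge how tight the ACL entries are.

```python
import re

# Constructed sample running-config fragments (not from any real device).
SAMPLE_EXPOSED = """\
hostname sw1
ip http server
ip http secure-server
"""
SAMPLE_RESTRICTED = """\
hostname sw2
no ip http server
ip http secure-server
ip http access-class ipv4 MGMT-HOSTS
ip access-list standard MGMT-HOSTS
 permit 192.0.2.0 0.0.0.255
"""

def audit_http_server(config: str) -> dict:
    """Classify HTTP Server exposure from explicit running-config lines."""
    lines = [line.strip() for line in config.splitlines()]
    # Exact-match so that 'no ip http server' is not counted as enabled.
    enabled = [c for c in ("ip http server", "ip http secure-server") if c in lines]
    applied, defined = [], set()
    for line in lines:
        # Both 'ip http access-class <acl>' and 'ip http access-class ipv4 <acl>'.
        m = re.fullmatch(r"ip http access-class (?:ipv4 )?(\S+)", line)
        if m:
            applied.append(m.group(1))
        # Named ACL header or a numbered 'access-list <n> ...' entry.
        d = (re.fullmatch(r"ip access-list (?:standard|extended) (\S+)", line)
             or re.match(r"access-list (\d+) ", line))
        if d:
            defined.add(d.group(1))
    missing = [a for a in applied if a not in defined]
    if not enabled:
        verdict = "http-server-not-enabled"
    elif not applied:
        verdict = "exposed-no-acl"
    elif missing:
        verdict = "acl-referenced-but-undefined"
    else:
        verdict = "restricted-by-acl"
    return {"enabled": enabled, "acls": applied, "missing": missing, "verdict": verdict}

if __name__ == "__main__":
    for name, cfg in (("sw1", SAMPLE_EXPOSED), ("sw2", SAMPLE_RESTRICTED)):
        print(name, audit_http_server(cfg))
```

Running it across a directory of config backups gives a quick list of devices where the web UI is on without an access class, which is the "surprise" case raised in the thread.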
