Title: Cisco patches critical issues in WSA, BPA
Description: Multiple critical vulnerabilities in Cisco’s Web Security Appliance (WSA) and Business Process Automation (BPA) could allow an attacker to elevate their privileges to the level of an administrator, opening the door to accessing sensitive data or taking over a targeted system. Both issues received a CVSS severity score of 8.8 out of 10. An adversary could exploit these vulnerabilities, identified as CVE-2021-1574 and CVE-2021-1576, by sending specially crafted HTTP messages to the targeted system.
References:
- https://threatpost.com/cisco-bpa-wsa-bugs-cyberattacks/167654/
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bpa-priv-esc-dgubwbH4
Snort SIDs: 57882 – 57887
Title: Critical vulnerabilities in ForgeRock’s Access Management actively under attack
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned users that attackers are actively exploiting critical remote code execution vulnerabilities in ForgeRock’s Access Management software. Access Management serves as a front end for web apps and remote access setups in enterprise networks. ForgeRock joined CISA in warning that the vulnerabilities are under active exploitation in the wild, although it has already released a patch. An adversary could exploit these vulnerabilities to execute commands in the context of the current user.
Reference: https://threatpost.com/critical-vulnerability-rce-forgerock-openam/167679/
Snort SIDs: 57912, 57913