Critical vulnerabilities found in Cisco Data Center Network Manager

Vulnerability testing specialists reported the existence of multiple flaws in the Cisco Data Center Network Manager (DCNM) software authentication mechanism, which runs on Nexus data center switches.

This is a central management panel for Cisco
Nexus-based data center structures that performs automation, configuration
control, flow policy management, and real-time status details.

There are reportedly three different vulnerabilities, each with a score of 9.8/10 in the Common Vulnerability Scoring System (CVSS); according to vulnerability testing specialists, if exploited, these flaws would allow a remote hacker to bypass authentication and perform arbitrary activities with administrator privileges on the vulnerable system.

In addition, the report mentions that this is
not an attack chain, so it is possible to abuse only one of these
vulnerabilities without exploiting the remaining two. Also, a software version
could be affected by only one or two of these failures, the set of three
vulnerabilities do not necessarily affect all versions of DCNM.

The three serious vulnerabilities discovered
are described below:

  • REST
    API authentication bypass vulnerability: A flaw in the Cisco DCNM REST API
    endpoint would allow a remote hacker to bypass authentication; this flaw exists
    due to a static encryption key shared between installations, vulnerability
    testing specialists say
  • SOAP
    API bypass vulnerability: A security weakness in the Cisco DCNM SOAP API
    endpoint could allow an unauthenticated remote attacker to bypass
    authentication in the failed-impacted deployment
  • Authentication
    bypass vulnerability: A weakness in the Cisco DCNM web management interface
    would allow a remote threat actor to skip the authentication step on the
    affected device

In addition to disclosing these three serious
vulnerabilities to the public, reports were released on multiple media security
flaws related to REST and SOAP APIs. These minor errors include:

  • REST
    API SQL injection vulnerability: Exploiting this vulnerability would allow an
    authenticated remote attacker with administrative privileges to execute
    arbitrary SQL commands on an affected device
  • REST
    API command injection vulnerability: A security flaw in the Cisco DCNM REST API
    could allow an authenticated hacker with administrator privileges in the DCNM
    application to inject arbitrary commands into the underlying operating system

The International Institute of Cyber Security (IICS)
recommends that users of the affected system keep abreast of any upgrades
issued by Cisco, in addition to installing any security patches that the
company deems necessary.

Click to comment

You must be logged in to post a comment Login

Leave a Reply

To Top

Pin It on Pinterest

Share This