Cisco DNA Center Bug Opens Enterprises to Remote Attack

  • The substantial-severity security vulnerability (CVE-2021-1257) allows cross-web site request forgery (CSRF) attacks.

    A cross-internet site request forgery (CSRF) vulnerability in the Cisco Digital Network Architecture (DNA) Heart could open up business end users to distant attack and takeover.

    The flaw, tracked as CVE-2021-1257, exists in the web-based mostly management interface of the Cisco DNA Center, which is a centralized network-management and orchestration system for Cisco DNA. It carries a CVSS vulnerability-severity score of 7.1, producing it large-severity.

    Cisco DNA is the networking giant’s application-defined strategy for aligning campus, department, WAN and remote-employee aspects of enterprise networks. The DNA Center will allow admins to provision and configure all network products, and it works by using synthetic intelligence (AI) and machine finding out (ML) to proactively keep track of, troubleshoot and enhance networks. It also integrates with third-bash methods. In shorter, the DNA Center permits deep attain and visibility into an organization’s network, all from one particular stage of entry.

    The web-primarily based administration interface utilised for accessing and applying the Cisco DNA Centre has insufficient CSRF protections in program versions prior to 2.1.1.. The patch issued right now addresses the problem.

    CSRF is an attack that forces an finish user to execute undesired steps on a web application in which the particular person is presently authenticated. Consequently, the bug could allow an unauthenticated, distant attacker to “conduct an attack to manipulate an authenticated consumer into executing destructive steps with no their consciousness or consent,” according to Cisco’s advisory, issued on Monday.

    An attacker could exploit the vulnerability by socially engineering a web-based mostly administration user into adhering to a specifically crafted url, say by using a phishing email or chat. If the user clicks on the connection, the attacker can then carry out arbitrary steps on the device with the privileges of the authenticated person.

    These steps consist of modifying the machine configuration, disconnecting the user’s session and executing Command Runner instructions, Cisco noted.

    This vulnerability is fastened in Cisco DNA Center Software program releases 2.1.1., 2.1.2., 2.1.2.3 and 2.1.2.4, and later. Cisco credited Benoit Malaboeuf and Dylan Garnaud from Orange for reporting the bug. vulnerability.

    Much more 2021 Cisco Security Bugs

    This is just the most up-to-date relating to security vulnerability for Cisco this 12 months. Very last 7 days, it warned of various, critical vulnerabilities in its SD-WAN alternatives and DNA Centre, among the some others.

    Just one critical-severity flaw (CVE-2021-1299) exists in the web-centered administration interface of Cisco SD-WAN vManage computer software. The bug (which ranks 9.9 out of 10 on the CVSS scale) could make it possible for an authenticated, distant attacker to acquire root-stage entry to an influenced procedure and execute arbitrary instructions as the root consumer on the process.

    A next critical flaw is CVE-2021-1300, which ranks 9.8 out of 10 on the CVSS scale, could allow an attacker to execute arbitrary code on the fundamental working procedure with root privileges.

    And, a critical-severity flaw was found in the Command Runner resource of Cisco DNA Heart (CVE-2021-1264), which ranks 9.6 out of 10 on the CVSS scale. A productive exploit could enable the attacker to execute arbitrary CLI instructions on devices managed by Cisco DNA Center, according to Cisco.

    Earlier in January, Cisco fastened higher-severity flaws tied to 67 CVEs general, such as types observed in its AnyConnect Protected Mobility Client and in its RV110W, RV130, RV130W and RV215W tiny-enterprise routers.

    The most critical flaw (CVE-2021-1144) troubled Cisco Connected Mobile Experiences (CMX), a program solution that is used by stores to provide business enterprise insights or on-site shopper practical experience analytics. The option utilizes the Cisco wireless infrastructure to acquire a treasure trove of knowledge from the retailer’s Wi-Fi network, such as authentic-time shopper-spot tracking. The high-severity issue (8.8 out of 10 on the CVSS vulnerability-severity scale) could allow an authenticated attacker to impersonate any user on the method.

    Down load our exclusive Free of charge Threatpost Insider Ebook Health care Security Woes Balloon in a Covid-Period Entire world , sponsored by ZeroNorth, to find out more about what these security hazards signify for hospitals at the day-to-day level and how healthcare security teams can put into practice most effective methods to safeguard companies and sufferers. Get the entire tale and Down load the E book now – on us!