Cisco fixes 12 vulnerabilities in Data Center Network Manager

Must Read

Vivo overtakes Samsung in India, what lies ahead for smartphone maker

is still in the lead when it comes to smartphone sales in India. However, Samsung has slipped in the sales rankings with Vivo moving into second place

OnePlus likely to foray into wearables market in India

OnePlus in India continues to expand and it is likely to foray into wearables segment by launching powered products such as smartwatches

Moving physical data center to cloud: Here’re key non-negotiables for cloud migration

Any journey from a physical data center to the requires careful thought, education and investment in new capabilities to enable migration to the new environment.
Tech Observer Desk
Tech Observer Desk
TechObserver.in covers e-governance, enterprise IT, startups, telecom and consumer electronics.

On January 2, published a series of advisories for Network Manager (DCNM), a platform for managing Cisco’s deployments equipped with Cisco’s NX-OS. A total of 12 vulnerabilities were found and reported to Cisco, 11 of which were discovered by Steven Seeley of Source Incite.

Of the 12 vulnerabilities patched by Cisco, the most severe include a trio of critical authentication bypass flaws, two of which reside in DCNM API endpoints.

CVE-2019-15975 and CVE-2019-15976 are authentication bypass vulnerabilities in the REST API and SOAP API endpoints for Cisco DCNM due to the existence of a static encryption key shared between installations. A remote, unauthenticated attacker could gain administrative privileges through either the REST API or SOAP API by sending a specially crafted request that includes a valid session token generated using the static encryption key.

CVE-2019-15977 is an authentication bypass vulnerability in the web-based management interface for Cisco DCNM because of the use of static credentials. A remote, unauthenticated attacker could use these static credentials to extract sensitive information from the vulnerable device, enabling them to perform additional attacks.

Utilizing these authentication bypass vulnerabilities, attackers could leverage the remaining flaws patched by Cisco, which include command injection vulnerabilities (CVE-2019-15978, CVE-2019-15979), SQL injection vulnerabilities (CVE-2019-15984, CVE-2019-15985), path traversal vulnerabilities (CVE-2019-15980, CVE-15981, CVE-2019-15982) and an XML external entity vulnerability (CVE-2019-15983).

Seeley’s discovery of these vulnerabilities in Cisco DCNM was inspired by four flaws reported back in June 2019 by security researcher Pedro Ribeiro, including CVE-2019-1619, an authentication bypass flaw in the DCNM’s web-based management interface.

Additionally, Cisco patched CVE-2019-15999, a vulnerability in the DCNM’s JBoss Enterprise Application Platform (EAP) reported by Harrison Neal of PatchAdvisor. This flaw exists because the authentication settings on the EAP were incorrectly configured.

- Advertisement -
- Advertisement -

Latest in TECH

- Advertisement - ESDS eNight Cloud Hosting

Related Articles