Cisco fixes 12 vulnerabilities in Data Center Network Manager

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of online gaming and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the   threats themselves.

On January 2, published a series of advisories for Network Manager (DCNM), a platform for managing ’s data center deployments equipped with ’s NX-OS. A total of 12 vulnerabilities were found and reported to , 11 of which were discovered by Steven Seeley of Source Incite.

Of the 12 vulnerabilities patched by Cisco, the most severe include a trio of critical authentication bypass flaws, two of which reside in DCNM API endpoints.

CVE-2019-15975 and CVE-2019-15976 are authentication bypass vulnerabilities in the REST API and SOAP API endpoints for Cisco DCNM due to the existence of a static key shared between installations. A remote, unauthenticated attacker could gain administrative privileges through either the REST API or SOAP API by sending a specially crafted request that includes a valid session token generated using the static key.

CVE-2019-15977 is an authentication bypass vulnerability in the web-based management interface for Cisco DCNM because of the use of static credentials. A remote, unauthenticated attacker could use these static credentials to extract sensitive information from the vulnerable device, enabling them to perform additional attacks.

Utilizing these authentication bypass vulnerabilities, attackers could leverage the remaining flaws patched by Cisco, which include command injection vulnerabilities (CVE-2019-15978, CVE-2019-15979), SQL injection vulnerabilities (CVE-2019-15984, CVE-2019-15985), path traversal vulnerabilities (CVE-2019-15980, CVE-15981, CVE-2019-15982) and an XML external entity vulnerability (CVE-2019-15983).

Seeley’s discovery of these vulnerabilities in Cisco DCNM was inspired by four flaws reported back in June 2019 by security researcher Pedro Ribeiro, including CVE-2019-1619, an authentication bypass flaw in the DCNM’s web-based management interface.

Additionally, Cisco patched CVE-2019-15999, a vulnerability in the DCNM’s JBoss Enterprise Application Platform (EAP) reported by Harrison Neal of PatchAdvisor. This flaw exists because the authentication settings on the EAP were incorrectly configured.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles