Cisco urges users to patch critical vulnerability in virtualized network devices after PoC is made public


Jessica Haworth

03 September 2021 at 13:45 UTC

Updated: 03 September 2021 at 14:14 UTC

Update now to protect against authentication bypass flaw

A critical vulnerability in a Cisco product designed to help service providers and enterprises deploy virtualized networks can allow unauthenticated actors to bypass authentication.

The security flaw, which was assigned a near-maximum CVSS score of 9.8, is present in the TACACS+ authentication, authorization, and accounting (AAA) feature of Cisco Enterprise NFV Infrastructure Software (NFVIS).

Cisco Enterprise NFVIS “helps dynamically deploy virtualized network functions” such as a virtual router, firewall, and WAN acceleration, on a supported Cisco device.

The critical vulnerability, which was found by Cyrille Chatras of Orange Group, can enable a remote, unauthenticated attacker to bypass authentication checks and log in as an administrator on an affected device.

Patch immediately

A security advisory from Cisco explains that the vulnerability is present due to incomplete validation of user-supplied input that is passed to an authentication script.

“An attacker could exploit this vulnerability by injecting parameters into an authentication request,” it reads, bypassing such request and logging into the device.

Read more about the latest security vulnerabilities

The vulnerability affects Cisco Enterprise NFVIS Release 4.5.1 if the TACACS external authentication method is configured.

Cisco is urging users to updated to the latest version as soon as possible to protect against the issue, as a proof-of-concept exploit has allegedly already been made public.

YOU MAY ALSO LIKE Zero-day flaws in IoT baby monitors could give attackers access to camera feeds

Source link

You might also like
Leave A Reply

Your email address will not be published.