Cisco patches yet another Data Centre Network Manager vuln

Good news is that it was just a proof of concept... we hope

3 Reg comments Got Tips?

Cisco has coughed to its Data Centre Network Manager (DCNM) software having a rather unpleasant vulnerability – but there's a patch for it.

The vuln allows a logged-in attacker to gain access to sensitive files on a targeted system. Cisco described the flaw as being down to "improper validation of user requests within the management interface".

In plain English, enterprises running older versions of DCNM – prior to version 11.0(1) – are vulnerable to the attack, in which a malicious person could send requests containing directory traversal "character sequences", fooling the target server into returning the contents of file directories – or even allowing the attacker to create their own files.

While there are no workarounds, Cisco's note detailing the vuln explained that there is a patch. Naturally, affected customers are urged to install it immediately.

Cisco described the vuln as a "public proof-of-concept exploit", meaning that infosec firm Tenable managed to demonstrate the attack to it behind closed doors.

So far, Cisco said, nobody has been seen using it in the wild to pilfer the contents of databases or leave nasties behind.

Back in November 2017 a handful of Cisco DCNM vulns emerged that were so serious they were given CVE numbers. ®


Biting the hand that feeds IT © 1998–2020