Network devices

Cisco Urges Users to Fix Critical Vulnerability in Virtualized Network Devices After PoC Is Made Public

Jessica Haworth September 03, 2021 at 13:45 UTC

Updated: September 03, 2021 at 14:14 UTC

Update now to protect against authentication bypass failure

A critical vulnerability in a Cisco product designed to help service providers and enterprises deploy virtualized networks can allow unauthenticated actors to bypass authentication.

The security vulnerability, which was assigned a near-maximum CVSS score of 9.8, is present in the TACACS + authentication, authorization, and accounting (AAA) functionality of Cisco Enterprise NFV infrastructure software (NFVIS) .

Cisco Enterprise NFVIS “helps dynamically deploy virtualized network functions” such as a virtual router, firewall, and WAN acceleration, on a supported Cisco device.

The critical vulnerability, discovered by Cyrille Chatras of the Orange group, can allow an unauthenticated remote attacker to bypass authentication controls and connect as an administrator on an affected device.

Patch immediately

A Cisco security advisory explains that the vulnerability is present due to incomplete validation of user input that is passed to an authentication script.

“An attacker could exploit this vulnerability by injecting parameters into an authentication request,” it reads, bypassing that request and connecting to the device.

Learn about the latest security vulnerabilities

The vulnerability affects Cisco Enterprise NFVIS version 4.5.1 if the TACACS external authentication method is configured.

Cisco urges users to update to the latest version as soon as possible to protect against the issue, as a proof of concept exploit has reportedly already been made public.

YOU MAY ALSO LIKE Zero-day flaws in IoT baby monitors could allow attackers to access camera feeds

Source link