News Hub

Cisco Data Center Network Manager users urged to update software

Written by Mon 6 Jan 2020

Cloud data center

Cisco patches multiple flaws in authentication mechanisms of Data Center Network Manager platform

Users of Cisco Systems’ Data Center Network Manager have been told to apply software updates released Thursday to fix three authentication vulnerabilities.

The networking giant said there are no workarounds to the flaws that could allow hackers to bypass authentication and execute admin-level actions on network devices via the popular networking platform.

The vulnerabilities each score 9.8 on the 10-Point Common Vulnerability Scoring System Scale and affect DCNM versions 11.3(1) and earlier for Windows, Linux and virtual appliance platforms.

Each vulnerability can be executed independently and a software release that is affected by one vulnerability may not be affected by the other vulnerabilities, Cisco said.

Three flaws

While all of the patched vulnerabilities could allow an unauthenticated, remote attacker to bypass authentication on an affected device, they do so via different routes.

CVE-2019-15976 bypasses authentication via the SOAP API endpoint by taking advantage of a shared static encryption key.

“An attacker could exploit this vulnerability by using the static key to craft a valid session token,” Cisco said. “A successful exploit could allow the attacker to perform arbitrary actions through the SOAP API with administrative privileges.”

CVE-2019-15977 is a vulnerability in DCNM’s web-based management interface. According to Cisco, hackers could exploit static credentials to access a section of the web interface where confidential device information is located, that could be used to attack the system further.

CVE-2019-15975 is a vulnerability in the REST API where a static encryption key shared between installations is exploited to craft a valid session token.

“A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges,” Cisco explained.

As of yet, there is no evidence the vulnerabilities have been exploited, but as they are now in the public domain DCNM users should update their software pronto. Update information is available here.

Written by Mon 6 Jan 2020


Cisco DCIM dcnm networking software
Send us a correction Send us a news tip