Cisco has disclosed dozen of bugs which could affect their Data Center Network Manager (DCNM) software including three critical vulnerabilities impacting a key tool for managing its network platform and switches. The bugs could allow attackers to gain access to administrative privileges.
Cisco warns that a remote attacker can bypass DCNM’s authentication and can let an unauthenticated user to carry out task with administrative privileges in affected devices.
Affected products include Cisco DCNM software that released before Release 11.3 for Microsoft Windows, Linux.
The available updates are highly important for enterprise datacenter built with Nexus NX-OS-based switches. DCNM automates NX-OS-based network infrastructure deployments.
The vulnerabilities are marked as following CVE :
First, two vulnerabilities CVE-2019-15975 and CVE-2019-15976 are authentication bypass vulnerabilities that reside in between the REST API endpoint of DCNM. This could allow an attacker to use the static key to generate a valid session token and carry out sessions with REST API with administrative privileges and second vulnerability is also the same but resides in SOAP API.
The third bug (CVE-2019-15976) as described by Cisco is a data center network manager authentication bypass vulnerability that could allow an attacker to access a session of web interface and can steal sensitive information from affected devices. This information could be used in future attacks against the system.
Cisco wrote that vulnerability could be exploited independently without the exploitation of others.
These bugs were reported by Steven Seeley via Trend Micro’s Zero Day Initiative and iDefense, Accenture.
“The vulnerability is due to the presence of static credentials. An attacker could exploit this vulnerability by using the static credentials to authenticate against the user interface,” Cisco wrote
Each of these bugs received a Common Vulnerability Scoring System Score of 9.8 severity. However, Cisco has released security patches for the vulnerabilities and fixed the bugs.
In addition to that Cisco has also found nine vulnerabilities of lesser severity score in the same DCNM components.