Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Cisco Finds Serious Flaws in Policy Suite, SD-WAN Products

Cisco informed customers on Wednesday that it has found and patched over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products.

Cisco informed customers on Wednesday that it has found and patched over a dozen critical and high severity vulnerabilities in its Policy Suite, SD-WAN, WebEx and Nexus products.

The networking giant reported discovering four critical flaws in Policy Suite during internal testing. Two of these security holes are unauthenticated access issues that allow a remote attacker to access the Policy Builder interface and the Open Systems Gateway initiative (OSGi) interface.

Once they gain access to the Policy Builder interface, which is exposed due to a lack of authentication, attackers can make changes to existing repositories and create new repositories. The OSGi interface allows an attacker to access or change any file accessible by the OSGi process.

The lack of an authentication mechanism also exposes the Policy Builder database, allowing an attacker to access and change any data stored in it.

Cisco also discovered that the Cluster Manager in Policy Suite has a root account with default and static credentials. A remote attacker can log in to this account and execute arbitrary commands with root privileges.

These critical Policy Suite vulnerabilities are tracked as CVE-2018-0374, CVE-2018-0375, CVE-2018-0376 and CVE-2018-0377.

Cisco has also fixed a total of seven flaws in its SD-WAN solution. The only one of these vulnerabilities that can be exploited remotely without authentication impacts the Zero Touch Provisioning service and it allows an attacker to cause a denial-of-service (DoS) condition.

The other SD-WAN security holes, which require authentication, can be exploited to overwrite arbitrary files on the underlying operating system, and execute arbitrary commands with vmanage or root privileges. One of the SD-WAN bugs requires both authentication and local access for exploitation.

Cisco also informed customers that its Nexus 9000 series Fabric switches, specifically their DHCPv6 feature, are impacted by a high severity flaw that can be exploited by a remote and unauthenticated attacker to cause a DoS condition.

The company has also assigned a high severity rating to multiple vulnerabilities affecting the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. The security bugs can be exploited for arbitrary code execution by getting the targeted user to open specially crafted ARF or WRF files using the affected player.

None of the vulnerabilities patched this week appear to have been exploited for malicious purposes.

Related: Cisco ASA Flaw Exploited in DoS Attacks

Related: Cisco Patches Severe Vulnerabilities in Prime Collaboration Provisioning

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Vulnerabilities

Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...