Cisco has issued a number of critical security advisories for its data center manager and SD-WAN offerings that customers should deal with now.

On the data center side, the most critical, with a threat score of 9.8 out of 10, involves a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) that could let an unauthenticated, remote attacker bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

Cisco DCNM lets customers see and control network connectivity through a single web-based management console for the company’s Nexus, Multilayer Director Switch, and Unified Computing System products.

“The vulnerability exists because different installations share a static encryption key. An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges,” Cisco stated.

According to Cisco, this vulnerability affects all deployment modes of all Cisco DCNM appliances that were installed using .ova or .iso installers and Cisco DCNM software releases 11.0, 11.1, 11.2, and 11.3.

The company issued eight other security warnings in the DCNM package. One of the worst is an 8.2-rated High vulnerability in REST API endpoints of DCNM that could let an authenticated, remote attacker inject arbitrary commands on the underlying operating system with the privileges of the logged-in user.

The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to inject arbitrary commands on the underlying operating system, Cisco said.
Other high-rated REST API security holes in DCNM were revealed as well.

As for the SD-WAN warnings, Cisco deemed two of them critical. The first, with a security-threat rating of 9.9, describes a weakness in the web-based management interface of Cisco SD-WAN vManage Software that could let an authenticated, remote attacker bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system.

The vulnerability is due to insufficient authorization checking on the affected system. An attacker could exploit this weakness by sending crafted HTTP requests to the web-based management interface of an affected system, Cisco stated. A successful exploit could allow the attacker to gain privileges beyond what would normally be authorized for the configured user-authorization level. The attacker may be able to access sensitive information, modify the system configuration, or affect system availability, Cisco stated.

The second critical warning, with a security-threat rating of 9.8, is a vulnerability in Cisco SD-WAN Solution Software that could let an unauthenticated, remote attacker cause a buffer overflow on an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user, Cisco said.

Vulnerable products include: IOS XE SD-WAN Software, SD-WAN vBond Orchestrator Software, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage Software, and SD-WAN vSmart Controller Software.

Cisco said there were no workarounds that address these vulnerabilities and that it had released software updates that address all of the weaknesses.
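
The DCNM authentication bypass above comes down to every installation trusting the same token key. The sketch below is an added illustration, not Cisco's code: the HMAC token format, the `Appliance` class and the key value are assumptions constructed for the example. It contrasts a key shipped in the installer image with one generated per installation.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed stand-in for a key baked into an installer image (not a real DCNM value).
STATIC_IMAGE_KEY = b"constructed-key-shipped-in-every-image"


class Appliance:
    """Hypothetical appliance that authenticates REST calls with an HMAC-signed token."""

    def __init__(self, name, key):
        self.name = name
        self._key = key

    def issue_token(self, user, role):
        claims = json.dumps({"user": user, "role": role}).encode()
        body = base64.urlsafe_b64encode(claims)
        tag = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        return body + b"." + tag

    def verify_token(self, token):
        """Return the claims if the tag matches this appliance's key, else None."""
        body, _, tag = token.partition(b".")
        expected = hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):
            return None
        return json.loads(base64.urlsafe_b64decode(body))


def per_install_key():
    """Mitigation: draw a fresh random key at first boot instead of shipping one."""
    return secrets.token_bytes(32)


def cross_install_acceptance(key_a, key_b):
    """Does a token minted under install A's key validate on install B?"""
    lab = Appliance("lab", key_a)
    prod = Appliance("prod", key_b)
    token = lab.issue_token("admin", "network-admin")
    return prod.verify_token(token) is not None


if __name__ == "__main__":
    print("shared image key :", cross_install_acceptance(STATIC_IMAGE_KEY, STATIC_IMAGE_KEY))
    print("per-install keys :", cross_install_acceptance(per_install_key(), per_install_key()))
```

With a shared key, anyone who holds one copy of the image holds the signing key for all of them, which is why the fix has to change how the key is provisioned rather than how tokens are checked.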