Cisco has issued a number of critical security advisories for its data center manager and SD-WAN offerings that customers should deal with now.

On the data center side, the most critical – with a threat score of 9.8 out of 10 – involves a vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) that could let an unauthenticated, remote attacker bypass authentication and execute arbitrary actions with administrative privileges on an affected device.

Cisco DCNM lets customers see and control network connectivity through a single web-based management console for the company’s Nexus, Multilayer Director Switch, and Unified Computing System products.

“The vulnerability exists because different installations share a static encryption key. An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges,” Cisco stated.

According to Cisco, this vulnerability affects all deployment modes of all Cisco DCNM appliances that were installed using .ova or .iso installers and Cisco DCNM software releases 11.0, 11.1, 11.2, and 11.3.

The company issued eight other security warnings in the DCNM package. One of the worst is an 8.2-rated High vulnerability in REST API endpoints of DCNM that could let an authenticated, remote attacker inject arbitrary commands on the underlying operating system with the privileges of the logged-in user.

The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to inject arbitrary commands on the underlying operating system, Cisco said.
Other high-rated REST API security holes in DCNM were revealed as well.

As for the SD-WAN warnings, Cisco deemed two of them critical. The first, with a security-threat rating of 9.9, describes a weakness in the web-based management interface of Cisco SD-WAN vManage Software that could let an authenticated, remote attacker bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system.

The vulnerability is due to insufficient authorization checking on the affected system. An attacker could exploit this weakness by sending crafted HTTP requests to the web-based management interface of an affected system, Cisco stated.

A successful exploit could allow the attacker to gain privileges beyond what would normally be authorized for the configured user-authorization level. The attacker may be able to access sensitive information, modify the system configuration, or affect system availability, Cisco stated.

The second critical warning, with a security threat rating of 9.8, is a vulnerability in Cisco SD-WAN Solution Software that could let an unauthenticated, remote attacker cause a buffer overflow on an affected device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to information that they are not authorized to access, make changes to the system that they are not authorized to make, and execute commands on an affected system with privileges of the root user, Cisco said.

Vulnerable products include: IOS XE SD-WAN Software, SD-WAN vBond Orchestrator Software, SD-WAN vEdge Cloud Routers, SD-WAN vEdge Routers, SD-WAN vManage Software, and SD-WAN vSmart Controller Software.

Cisco said there were no workarounds that address these vulnerabilities and that it had released software updates that address all of the weaknesses.
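
The DCNM authentication bypass described above comes down to every installation trusting session tokens made with the same key. The following is an added example, not Cisco's code: the HMAC-signed token format, the `Appliance` class and the key value are constructed assumptions (the advisory text quoted here does not describe DCNM's actual token format), used to contrast a key shipped in the installer image with one generated per installation.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed placeholder standing in for a key baked into an installer image.
STATIC_IMAGE_KEY = b"constructed-key-shipped-in-every-image"


class Appliance:
    """Toy appliance that issues and verifies HMAC-signed session tokens."""

    def __init__(self, name, per_install_key):
        self.name = name
        # Hardened: key generated at first boot. Weak: key taken from the image.
        self.key = secrets.token_bytes(32) if per_install_key else STATIC_IMAGE_KEY

    def _tag(self, body):
        return hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()

    def issue(self, user, role):
        claims = json.dumps({"user": user, "role": role}).encode()
        body = base64.urlsafe_b64encode(claims)
        return body + b"." + self._tag(body)

    def verify(self, token):
        """Return the claims dict, or None if the token is not authentic."""
        try:
            body, tag = token.rsplit(b".", 1)
        except ValueError:
            return None
        if not hmac.compare_digest(tag, self._tag(body)):
            return None
        return json.loads(base64.urlsafe_b64decode(body))


def cross_install_accepts(per_install_key):
    """True if a token issued by one install is accepted by a different one."""
    lab = Appliance("lab", per_install_key)
    prod = Appliance("prod", per_install_key)
    token = lab.issue("admin", "network-admin")
    return prod.verify(token) is not None


if __name__ == "__main__":
    print("static image key, token crosses installs:", cross_install_accepts(False))
    print("per-install key, token crosses installs:", cross_install_accepts(True))
```

With the image-supplied key, the second appliance has no way to tell a token it issued from one made elsewhere; with a key generated per installation, the same token fails verification.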