Cisco Systems has identified two flaws in its Data Center Network Manager (DCNM). DCNM is Cisco’s network platform for switches that run its network operating system, which is included in its Nexus series switches. The first patched vulnerability allows an attacker to upload arbitrary files, which could enable remote code execution on affected devices. This flaw stems from incorrectly configured permission settings in the DCNM software. The second vulnerability allows an attacker to bypass authentication and execute actions with administrative privileges on the affected device. With this flaw, an attacker could potentially obtain a session cookie without knowing the administrative password, all by sending a specially crafted HTTP request to a vulnerable web servlet on impacted devices. Once that is done, the attacker has administrator-level access to the device. Two other “less than critical” flaws were also fixed with the newly released patch.
All four of these flaws can be patched by downloading release 11.1(1) from Cisco’s website and applying it. Users are advised to do this as soon as possible.