Threat Watch

Cisco Bug Could Give Attackers Device Access With Previous Passwords

Cisco’s Network Assurance Engine (NAE) version 3.0(1) was found to have a vulnerability within the web interface. The data center uses the NAE to observe the whole network. The vulnerability gives attackers the chance to get into the device through CLI with old passwords. This ultimately could lead to a DoS if access to the device is obtained. Internal testing led to the discovery of the bug that is caused by a flaw in the NAE’s password management system. After finding out about the vulnerability Cisco released a patch for it, but it does not mean that the device can’t still be exploited.

ANALYST NOTES

Users should utilize the patch that is available from Cisco. The administrator password should also be changed from the management web interface. If both are done in a timely manner, it should fix the vulnerability.