Cisco’s Network Assurance Engine (NAE) version 3.0(1) was found to have a vulnerability within the web interface. The data center uses the NAE to observe the whole network. The vulnerability gives attackers the chance to get into the device through CLI with old passwords. This ultimately could lead to a DoS if access to the device is obtained. Internal testing led to the discovery of the bug that is caused by a flaw in the NAE’s password management system. After finding out about the vulnerability Cisco released a patch for it, but it does not mean that the device can’t still be exploited.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased