Cisco has addressed a maximum severity vulnerability in the API endpoint of their Cisco ACI Multi-Site Orchestrator (MSO). The flaw would allow a remote attacker to bypass authentication on the Application Services Engine and could allow an unauthenticated attacker access to the device. By sending a specifically crafted request to exploit the improper token validation bug affecting the ACI MSO API endpoint, and an attacker could be able to get an authentication token that would allow them access with “admin” level privileges. The vulnerability is tracked as CVE-2021-1388 and came with a severity score of ten out of ten. The vulnerability only affects Cisco API MSO 3.9 versions and only when deployed on a Cisco Applications Service Engine unified application hosting platform. Cisco has addressed this issue with a patch.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased