Malicious code attacks with root privileges on Cisco Nexus Dashboard possible

Malicious code attacks with root privileges on Cisco Nexus Dashboard possible

Admins in data centers with Cisco Nexus Dashboard should update the software for security reasons. Otherwise, attackers could target several vulnerabilities and, in the worst case, execute their own commands with root privileges. There are also security updates for some devices in the Small Business series.

By sending crafted HTTP requests to a specific API, a remote attacker could gain root privileges and run their own commands without authentication. The vulnerability (CVE-2022-20857) is identified as “critical“ classified.

Attackers exploit another vulnerability (CVE-2022-20861 “high’) they could perform actions as admin. Uploading containers with malicious code may cause reboots (CVE-2022-20858 “high“).

The developers are also ironing out SSL/TLS bugs (CVE-2022-20860 “high“) out. In addition, attackers could obtain increased user rights or access data that is actually isolated.

Several vulnerabilities still threaten the RV110W, RV130, RV130W and RV215W small business routers. After successful attacks, attackers could, in the worst case, run their own code on devices.

Admins can find information about the versions secured against possible attacks in the warning messages linked at the end of this article.

Cisco has also published a note that due to a bug in the Identity Services Engine (ISE) password policy, admins can continue to use expired credentials to access the web management interface.

List sorted by threat level in descending order:

(of)

To home page

Pegasus spyware: Apple sends alerts to people in 150 countries Previous post Pegasus spyware: Apple sends alerts to people in 150 countries
Creating images with AI: DALL-E starts paid beta phase Next post Creating images with AI: DALL-E starts paid beta phase