https://www.zdnet.com/article/cisco-critical-flaw-warning-these-two-bugs-in-our-data-center-gear-need-patching-now/
By Liam Tung
ZDNet News
June 20, 2019
Networking giant Cisco has disclosed two critical vulnerabilities
affecting core equipment in the data center that could give determined
attackers an avenue to break into networks.
Cisco's Digital Network Architecture (DNA) Center appliance has once again
been found to be vulnerable to an authentication bypass, which could allow
an "adjacent" attacker to skip authentication and cause damage to an
organization's critical internal services.
DNA Center allows admins to add new devices to the network and manage them
based on enterprise policies.
The flaw, tagged as CVE-2019-1848, is because Cisco didn't sufficiently
restrict access to ports used to operate the system. The vulnerability
would allow an attacker to connect an unauthorized device to the network.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
