A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent malicious user to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an malicious user to reach internal services that are not hardened for external access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco digital network architecture center |
Your quick guide to what else has been happening in computer security lately
Roundup Here's a quick Monday summary of recent infosec news, beyond what we've already reported. Admins running Cisco gear will need to dedicate some time to updating their software an firmware following the release of 26 security patches from Switchzilla. Of the fixes, three are for critical flaws: CVE-2019-1663 is a remote code execution flaw in the RV110W, RV130W and RV215W routers. CVE-2019-1848 is an authentication bypass flaw in DNA Center, and CVE-2019-1625 covers a privilege escalation ...