Proof-of-concept exploit code has been published for critical flaws impacting the Cisco Data Center Network Manager (DCNM) tool for managing network platforms and switches. The three critical vulnerabilities in question (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) impact DCNM, a platform for managing Cisco data centers that run Cisco’s NX-OS — the network operating system used by Cisco’s Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches. The flaws, patched on Jan. 3, could allow an unauthenticated, remote attacker to bypass endpoint authentication and execute arbitrary actions with administrative privileges on targeted devices. Fast forward to this week, the security researcher who initially discovered the flaws, Steven Seeley, released public PoC exploits for the flaws. “In this post, I share three (3) full exploitation chains and multiple primitives that can be used to compromise different installations and setups of the Cisco DCNM product to achieve unauthenticated remote code execution as SYSTEM/root,” he explained in a blog post. “In the third chain, I (ab)use the java.lang.InheritableThreadLocal class to perform a shallow copy to gain access to a valid session.” The Flaws Two of the flaws (CVE-2019-15975 and CVE-2019-15976) are authentication bypass vulnerabilities in the REST API and SOAP API endpoints for Cisco DCNM. Representational State Transfer (REST) is an architecture style for designing networked applications,…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-01-16 17:18:002020-01-16 17:18:00Critical Cisco Flaws Now Have PoC Exploit
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com