1 min read

DNA and SD WAN Critical Security Vulnerability Notice

DNA and SD WAN Critical Security Vulnerability Notice

A new security vulnerability pushed Cisco to urge enterprise administrators to install critical security updates. As always, a SMARTnet contract is not necessary to obtain fixed software for security vulnerabilities.

Vulnerability Details

CVE-2019-1848 is a Cisco DNA Center authentication bypass vulnerability. Due to insufficient access restriction to the ports necessary for system operation, an attacker may reach internal services that are not hardened for external access. 9.3 (out of 10) CVSS score identifies this as a critical requirement to be addressed. A successful exploit could also let an unauthenticated attacker connect an unauthorized network device to the subnet designated for cluster services. Please ensure that you are running release 1.3 or newer. Fixed software is not available through Cisco’s software center. There is an “update” feature within the DNA Center that call for the fixed software.

CVE-2019-1625 is a Cisco SD-WAN privilege escalation vulnerability. The source is an insufficient authorization enforcement. It could allow the attacker to make config changes to the system as the root user. CVSS score of 7.8. Impacted is any release of Cisco’s SD-WAN Solution prior to 18.3.6, 18.4.1, and 19.1.0. 18.4.1 is the minimum recommended image.

“High” and “Critical” advisories listed below:

Advisory Alert Impact
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Security Vulnerability
Critical
Cisco SD-WAN Solution Privilege Escalation Security Vulnerability
Critical
Cisco DNA Center Authentication Bypass Security Vulnerability
Critical
Cisco Prime Service Catalog Cross-Site Request Forgery Vulnerability
High
Cisco TelePresence Endpoint Command Shell Injection Vulnerability
High
Cisco StarOS Denial of Service Vulnerability
High
Cisco SD-WAN Solution Privilege Escalation Vulnerability
High
Cisco SD-WAN Solution Command Injection Vulnerability
High
Cisco RV110W, RV130W, and RV215W Routers Management Interface Denial of Service Vulnerability
High
Cisco Meeting Server CLI Command Injection Vulnerability
High
Cisco Secure Boot Hardware Tampering Vulnerability
High
Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability
High
Cisco Industrial Network Director Remote Code Execution Vulnerability
High
Cisco Unified Communications Manager IM&P Service, Cisco TelePresence VCS, and Cisco
Expressway Series Denial of Service Vulnerability
High
Cisco IOS XR Software BGP MPLS-Based EVPN Denial of Service Vulnerability
High

 

CISCO DNA

As Cisco continues to surge toward becoming a software company, please consider the potential impact that a major exploit could have on organizations if the market continues to adopt opening their networks to Cisco’s software development and new licensing model.

Its not a matter of “if,” but rather “when?”

 

How often should you update Cisco IOS? How important is it?

How often should you update Cisco IOS? How important is it?

For the 15-ish years I’ve been in the TPM (third party maintenance) space, one of the primary objections I’ve heard from potential new customers is,...

Read More
Cisco Issues a “Critical” Security Advisory for their Nexus 9K Series

Cisco Issues a “Critical” Security Advisory for their Nexus 9K Series

Per Cisco: “The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this...

Read More
Unlocking the Full Potential of IT Asset Recovery

Unlocking the Full Potential of IT Asset Recovery

In today’s fast-paced IT landscape, managing the lifecycle of your hardware is as crucial as the technology itself. IT Asset Recovery stands out as a...

Read More