Cisco releases patch for data center switch manager software

[Aug 30, 2018]

Cisco Data Center Network Manager (DCNM) software is used for managing Cisco switches and routers that connect devices on enterprise local area networks (LAN) and storage area networks (SAN). The software manages Cisco’s Nexus switches and its MDS enterprise SAN switches.

Cisco has released a patch to fix a high severity security flaw affecting its Data Center Network Manager software for managing switches deployed in large data centers.

The networking company released the patch on Tuesday and notes there is a publicly available proof-of-concept exploit for the flaw, which could give remote attackers access to sensitive files.

According to Cisco, all DCNM releases prior to 11.0 (1), which it made available in July, are vulnerable to a directory or path traversal attack.

Cyber Security Tips: 

  • Assuming a network admin notices such an attack, an admin could recover memory by rebooting the device or restarting web proxy access, according to Cisco.
  • Cisco has tagged the bug as CVE-2018-0410 and rated it as a “high” severity issue with a CVSS score of 8.6 out of 10. Available patches can be found on CERT/CC’s pages.

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: