Quick check! Cisco SDS-WAN management exposed high-risk vulnerabilities - Code World

Quick check! Cisco SDS-WAN management exposed high-risk vulnerabilities

News 2023-07-26 06:47:40 views: null

Recently, Cisco released a security report stating that it has resolved a critical unauthenticated REST API access vulnerability, vulnerability number CV-2023-20214 (cvss score 9.1). The vulnerability affects Cisco SDS-WAN management software, allowing attackers to launch remote attacks and gain read and write permissions on the device or restrict write permissions.

SD-WAN is a new solution launched in recent years and is becoming one of the future development trends. SD-WAN, that is, software-defined wide area network, is a service formed by applying SDN technology to wide area network scenarios. This service is used to connect enterprise networks, data centers, Internet applications and cloud services in a wide geographic range, aiming to help users reduce WAN expenses and increase network connection flexibility.

The Cisco Security Advisory states that the vulnerability is due to insufficient request validation when using other API features. An attacker could exploit this vulnerability by sending crafted API requests to an affected SD-WAN management device and obtain sensitive information from the device.

Cisco further emphasized that the vulnerability security flaw only affects other APIs, not the web-based management interface or CLI. Affected SD-WAN Management versions are as follows:

v20.6.3.3 – fixed with the release v20.6.3.4
v20.6.4 – fixed with the release v20.6.4.2
v20.6.5 – fixed with the release v20.6.5.5
v20.9 – fixed with the release v20.9.3.2
v20.10 – fixed with the release v20.10.1.2
v20.11 – fixed with the release v20.11.1.2

From the security report released by Cisco, we can know that SD-WAN management versions 20.7 and 20.8 will also be affected. For the updates of these versions, we recommend that users migrate to fixed versions.

Cisco recommends that enterprise network administrators reduce the attack surface by:

Use Access Control Lists (ACLS) to restrict access to SD-WAN management instances;
Use the API key to access the API;
Check the logs to detect attempts to access other APIs.

Guess you like

Origin blog.csdn.net/FreeBuf_/article/details/131793231

Quick check! Cisco SDS-WAN management exposed high-risk vulnerabilities

Tomcat burst of high-risk vulnerabilities and repair

high-risk vulnerabilities windows system over the years

NagiosXI multiple high-risk vulnerabilities and repair solutions

Detailed explanation of the latest high-risk vulnerabilities in Struts2

[High Risk] Multiple high-risk vulnerabilities exist in UFIDA U8 Cloud, GRP-U8, and A++V8.31

Microsoft warns of a million computer still does not fix a high-risk vulnerabilities

High-risk vulnerabilities BlueKeep risks nearly a million units Windows Device

Microsoft Windows 10 emergency repair two high-risk vulnerabilities, recommends updating

Metasploit release of high-risk vulnerabilities BlueKeep use the library, China 700 000 equipment to be careful

Many a high-risk vulnerabilities of information systems Shenzhen - within the network penetration

[Security Information] Microsoft Security Center Announcement: Dotnet explodes high-risk remote execution vulnerabilities

There are hundreds of high-risk vulnerabilities in popular software? Open source security issues cannot be ignored

Sysdig2023 Cloud Native Security and Usage Report: 87% of container images have high-risk vulnerabilities

Douxiang Technology-Compulsory high-risk vulnerabilities collection download for 2023 offensive and defensive drills (2 versions)

Serious Vulnerabilities Exposed to AudioCodes Desk Phone and Zoom ZTP Put Users at Risk of Eavesdropping

Douxiang Technology-2023 offensive and defensive drill compulsory high-risk vulnerabilities collection Baidu network disk download (2 versions)

Power Query Excel security vulnerabilities exposed

[Security News of the Week 1007] Multiple national information security standards will be implemented on October 1; GitLab releases emergency security patches to fix high-risk vulnerabilities

Windows 10 is exposed 0day vulnerabilities exist

Remote Management of Cisco Devices

SQL statements quick check

Docker Command Quick Check

Digging Notes - Host Collision Acquisition of Medium and High Risk Vulnerabilities

owaps Ten security risk vulnerabilities

Cisco 220 Series Switches S Series Multiple vulnerabilities warning

Cisco CDPwn vulnerabilities threaten tens of millions of business equipment

Summary of common high-risk commands in Linux

Disable 16 high-risk functions in PHP

【Summary】BeautifulSoup Quick Check Manual

Recommended

微软回应中国区AI团队“打包赴美”传闻

Ranking

How to use ChatGPT to write 100,000+ hot articles for public accounts (includes prompt words)

sudo echo command execution Permission denied

ADO: Using Transactions to Operate Oracle Database

[Java] [Class and Object] equals, hashCode, clone methods

Linux virtual host function

Порт управления rabbitmq открыт

on,where

jQuery WeUI

How can there be a weed pilot in Hangzhou?

tcp / ip model four

Daily

More

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)