Cisco Announces Critical API Authentication Vulnerabilities

Cisco has reported multiple API Authentication mechanism vulnerabilities within its Cisco Data Center Network Manager (DCNM). According to the company, the vulnerabilities "could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device." No workarounds are available for the vulnerabilities, but Cisco has released software updates that address them.

The affected products include Cisco DCNM software releases earlier than the 11.3(1) release. This includes Microsoft Windows, Linux, and virtual appliance platforms. The only products that Cisco expressly knows of being impacted are listed in an advisory.

More specifically, Cisco has identified three different vulnerabilities. None of the three are dependent on another vulnerability to pose a threat. Of the three, two are API related. The DCNM REST API Endpoint the DCNM SOAP API are both vulnerable "because a static Encryption key is shared between installations." The final vulnerability is within a web-based management interface.

The updated software is free to all those included in the advisory. For complete steps to obtain and install the needed updates, visit the advisory. The vulnerabilities are considered critical and require immediate attention for anyone impacted.

Be sure to read the next Security article: TikTok’s Myriad Security Vulnerabilities Expose API Resources