A security flaw has been identified in Cisco DNA Center that could allow a remote attacker to gain unauthorized access to the affected device.
This vulnerability could allow the attacker to read and modify data in a repository associated with an internal service on the affected device.
Cisco identified the vulnerability while investigating and resolving a support case reported to the Cisco TAC.
Cisco has released software updates that address this vulnerability, and workarounds are also available.
The vulnerability stems from inadequate access control enforcement on API requests.
An attacker could exploit the vulnerability by sending a crafted API request to an affected device.
A successful exploit would give the attacker unauthorized access to read and modify data managed by an internal service on the affected device.
| Cisco DNA Center Release | First Fixed Release |
|---|---|
| 2.3.31 and earlier | Migrate to a fixed release. |
| 2.3.4 | Migrate to a fixed release. |
| 2.3.6 | Migrate to a fixed release. |
The vulnerability affects Cisco DNA Center deployments that have the Disaster Recovery feature enabled. Disaster Recovery is not enabled by default.
Workarounds & Updates
Cisco has released free software updates that address this vulnerability. Customers who cannot upgrade to a fixed release can apply a workaround instead.
Cisco recommends contacting the Cisco Technical Assistance Center (TAC) for guidance and support when implementing the workaround.
According to the Cisco Product Security Incident Response Team (PSIRT), there are no public announcements of, or known instances of malicious exploitation of, the vulnerability described in this advisory.