Cisco DNA Center Vulnerability Let Attacker Modify Internal Data

A security flaw has been identified in the Cisco DNA Center, which can potentially enable unauthorized access by a remote attacker.

This vulnerability could allow the attacker to view and manipulate data within a repository associated with an internal service on the affected device.

Cisco found the vulnerability while investigating and resolving a support case that had been reported to the Cisco TAC.


Cisco has released software updates that address this vulnerability. Workarounds that mitigate the vulnerability are also available.

The vulnerability stems from inadequate access control enforcement on API requests.

An attacker could exploit the vulnerability by sending a crafted API request to an affected device.

A successful exploit could allow the attacker to read and modify data that is managed by an internal service on the affected device.


Fixed Releases

Cisco DNA Center Release | First Fixed Release
2.3.31 and earlier       | Migrate to a fixed release.
2.3.4                    | Migrate to a fixed release.
2.3.5                    | 2.3.5.4
2.3.6                    | Migrate to a fixed release.
2.3.7                    | Not affected.

The vulnerability affects Cisco DNA Center deployments that have the Disaster Recovery feature enabled. Disaster Recovery is not enabled by default.

Workarounds & Updates

Cisco has released free software updates that address the vulnerability described above. Customers who are unable to upgrade to a fixed release can apply a workaround to mitigate it.

Cisco recommends contacting the Cisco Technical Assistance Center (TAC) for guidance and support while implementing the workaround.

According to the Cisco Product Security Incident Response Team (PSIRT), there are no public announcements or known instances of malicious exploitation of the vulnerability described in this advisory.


Guru Baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.