Cisco has rolled out patches addressing severe vulnerabilities that could be exploited to perform remote code execution and privilege escalation. The flaws lie in the SD-WAN vManage Software. The bugs could allow an unauthenticated attacker to steal information from vulnerable networks. Cisco also disclosed a denial-of-service issue in the same software, identifying the flaws al locally exploitable bugs that could lead to unauthorized access to applications.
Cisco patched two vulnerabilities in the Cisco HyperFlex HX platform as well, one of which was rated critical on the CVSS severity scale. The software at risk, vManage, is a centralized network management system that provides users with a GUI interface that is easy to monitor, configure, and maintain. In an advisory posted on Wednesday, Cisco stated that there are five total security holes in the software that have since been patched.
Read More: Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks