Cisco fixes critical ‘DNA’ software flaws
IT giant Cisco this week released patches for three critical vulnerabilities in its enterprise networking software, two of which could allow an attacker to bypass authentication measures and access data deep into the network. The affected software, known as the Digital Network Architecture (DNA) Center, serves as a hub for configuring devices across an IT network, allowing administrators to track networking flaws. Each of the vulnerabilities is fixed in more recent versions of the software. One of the vulnerabilities stems from an insecure configuration of a DNA Center management system, Cisco said in an advisory. An attacker with the ability to access the management system’s service port “could execute commands with elevated privileges within provisioned containers,” the company said, potentially resulting in the complete compromise of a container. The San Jose, California-based company said it found two of the three software bugs in internal testing (the third was discovered in […]
The post Cisco fixes critical ‘DNA’ software flaws appeared first on Cyberscoop.