Cisco patches Catalyst SD-WAN vulnerabilities

By

Critical API bug, and more.

Cisco has patched vulnerabilities in several versions of its Catalyst SD-WAN software.

Cisco patches Catalyst SD-WAN vulnerabilities

The company said the vulnerabilities affect SD-WAN APIs, the command line interface (CLI) and an Elasticsearch implementation. They also introduce authentication and denial-of-service issues.

The most serious of the bugs is CVE-2023-20252, an unauthorised access vulnerability in Catalyst SD-WAN’s security assertion markup language (SAML) APIs. It has a CVSS score of 9.8.

“This vulnerability is due to improper authentication checks for SAML APIs. An attacker could exploit this vulnerability by sending requests directly to the SAML APIs,” the advisory stated.

This would give the attacker access to the application as an arbitrary user. There are no workarounds, so users will have to patch.

CVE-2023-20253, with a CVSS of 8.4, is a bug in SD-WAN’s command line interface (CLI) that allows an attacker to bypass a unit’s authentication and roll back a controller’s configurations, “which could then be deployed to the downstream routers.”

CVE-2023-20034 (CVSS 7.5) is described as “a vulnerability in the access control implementation for Elasticsearch that is used in Cisco Catalyst SD-WAN Manager”.

An unauthenticated remote attacker can access the Elasticsearch database of an affected system via a crafted HTTP request. This would let the attacker view the contents of the Elasticsearch database.

CVE-2023-20254 (CVSS 7.2) is a session management vulnerability that “could allow an authenticated, remote attacker to access another tenant that is being managed by the same Cisco Catalyst SD-WAN Manager instance”.

“A successful exploit could allow the attacker to access information about another tenant, make configuration changes, or possibly take a tenant offline and cause a DoS condition,” the advisory stated.

Finally, with a CVSS of 5.3, CVE-2023-20262 allows an unauthenticated remote attacker to crash the SSH process.

The bugs affect various versions of the Catalyst SD-WAN software in the Version 20.n branch, with patches available for all affected products.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © 2010 IT Week
Tags:
cisconetworkingsecurity

Sponsored Whitepapers

The Healthcare CISO’s Guide to Medical IoT Security
The Healthcare CISO’s Guide to Medical IoT Security
The Enterprise Buyer's Guide to IoT Security. 5 Must-Haves for Comprehensive Zero Trust IoT Security
The Enterprise Buyer's Guide to IoT Security. 5 Must-Haves for Comprehensive Zero Trust IoT Security
How to reach the ‘Holy Grail’ of security and performance with SASE
How to reach the ‘Holy Grail’ of security and performance with SASE
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Unveiling the Invisible Threat: Mastering the Art of Conveying Cyber Risks to Boards
Transforming Your Business
Transforming Your Business

Events

Most Read Articles

Qld gov introduces data breach notification legislation

Qld gov introduces data breach notification legislation
National cyber security coordinator warns schools becoming targets

National cyber security coordinator warns schools becoming targets
Rapid Reset among Microsoft’s 105 patches for October

Rapid Reset among Microsoft’s 105 patches for October
HTTP2 zero-day enabled record-setting DDoS attacks

HTTP2 zero-day enabled record-setting DDoS attacks

Digital Nation

How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
State of Security 2023
State of Security 2023
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
COVER STORY: What AI regulation might look like in Australia
COVER STORY: What AI regulation might look like in Australia

Log In

  |  Forgot your password?