Cisco Patches 12 Vulnerabilities in Data Center Network Manager

January 6, 2020

Includes 3 Critical Authentication Bypass Flaws: CVE-2019-15975, CVE-2019-15976, CVE-2019-15977

Background

On January 2, Cisco published a series of advisories for Cisco Data Center Network Manager (DCNM), a platform for managing Cisco’s data center deployments equipped with Cisco’s NX-OS. A total of 12 vulnerabilities were found and reported to Cisco, 11 of which were discovered by Steven Seeley of Source Incite.

Analysis

Of the 12 vulnerabilities patched by Cisco, the most severe include a trio of critical authentication bypass flaws, two of which reside in DCNM API endpoints.

CVE-2019-15975 and CVE-2019-15976 are authentication bypass vulnerabilities in the REST API and SOAP API endpoints for Cisco DCNM due to the existence of a static encryption key shared between installations. A remote, unauthenticated attacker could gain administrative privileges through either the REST API or SOAP API by sending a specially crafted request that includes a valid session token generated using the static encryption key.

CVE-2019-15977 is an authentication bypass vulnerability in the web-based management interface for Cisco DCNM because of the use of static credentials. A remote, unauthenticated attacker could use these static credentials to extract sensitive information from the vulnerable device, enabling them to perform additional attacks.

Utilizing these authentication bypass vulnerabilities, attackers could leverage the remaining flaws patched by Cisco, which include command injection vulnerabilities (CVE-2019-15978, CVE-2019-15979), SQL injection vulnerabilities (CVE-2019-15984, CVE-2019-15985), path traversal vulnerabilities (CVE-2019-15980, CVE-15981, CVE-2019-15982) and an XML external entity vulnerability (CVE-2019-15983).

Seeley’s discovery of these vulnerabilities in Cisco DCNM was inspired by four flaws reported back in June 2019 by security researcher Pedro Ribeiro, including CVE-2019-1619, an authentication bypass flaw in the DCNM’s web-based management interface.

Additionally, Cisco patched CVE-2019-15999, a vulnerability in the DCNM’s JBoss Enterprise Application Platform (EAP) reported by Harrison Neal of PatchAdvisor. This flaw exists because the authentication settings on the EAP were incorrectly configured.

Proof of concept

At the time this blog post was published, no proof-of-concept code has been released for any of the reported vulnerabilities.

Solution

Cisco released updates to correct each of the specified vulnerabilities. Affected versions of Cisco DCNM software include releases earlier than 11.3 (1). We recommend reviewing the linked advisories under the “Get more information” section below.

 Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities will appear here as they’re released.

Get more information


RAH Infotech partners with Veeam to offer robust Cloud Data Management Solutions to Indian organizations

January 6, 2020

As a national distributor, RAH Infotech will offer Veeam’s entire suite of data recovery and back-up solutions to customers including Governments, enterprises and SMEs

NEW DELHI, India – January 6, 2020 – RAH Infotech, the specialty value added distributor of mission critical technology solutions including network and cyber security, disaster recovery and cloud; and Veeam Software, the leader in Backup solutions that deliver Cloud Data Management, have joined hands to address the data management needs of Government, Indian enterprises and SMEs.

As a national distributor, RAH Infotech will leverage its technological prowess and massive reach to offer Veeam’s entire product and solutions suite including backup, disaster recovery and cloud data management software for virtual, physical and multi-cloud infrastructures.

We are delighted to join hands with Veeam. They are the leader in cloud data management solutions. With the increase in focus on data protection and data privacy policies across the world, it has now become imperative to have a robust system in place that not only takes care of data storing and mining but it should also come integrated with data management solution that can take care of an enterprise’s data back-up, recovery and disaster management needs. And, Veeam commands leadership in this space“, said Ashis Guha, CEO, RAH Infotech.

Indian businesses across sectors demand agility and reliability as they adopt emerging technologies for business growth. With this partnership, Veeam aims to provide robust Cloud Data Management solutions with the power of backup, replication and disaster recovery across organisations’ workloads – ensuring mission-critical apps and data are available at all times. We are confident that RAH Infotech will deliver the right value to Indian customers through its wide distribution network“, said Sandeep Bhambure, Vice President and Managing Director, Veeam Software.

# # #

About RAH Infotech

RAH Infotech is a specialty value added distributor of mission critical technology solutions including network and cyber security, disaster recovery and cloud. In over a decade of its operations, RAH Infotech has been consistently providing world class IT solutions to a large number of channel partners and corporates in India and SAARC countries.RAH Infotech is the fastest growing value added distributor in India possessing 15 years of expertise in providing Information Management and Security solutions to a large number of customers across the country through its partnership with over 20 OEMs and over 500 channel partners. Headquartered in New Delhi, RAH Infotech has presence across the country with International presence in Netherlands, Singapore, UAE, the UK and the USA.


%d bloggers like this: