Two of these flaws could be exploited by a remote unauthenticated attacker to access the Policy Builder interface and the Open Systems Gateway initiative (OSGi) interface.
The access to the Policy Builder interface could allow an attacker to change to existing repositories and create new ones, while the access to the OSGi interface could allow an attacker to access or change any file accessible by the OSGi process.
An unauthenticated attacker could also allow an attacker to modify any data contained in the Policy Builder database.
“A vulnerability in the Policy Builder database of Cisco Policy Suite could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database.” reads the security advisory published by Cisco.
“The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database.”
Cisco also warned of the presence of the Cluster Manager in Policy Suite of a root account with default and static credentials. A remote attacker can exploit the vulnerabilities to access to the account and execute arbitrary commands with root privileges.
Cisco also warned of the presence of seven flaws in the SD-WAN solution, one of them affects the Zero Touch Provisioning service and could be exploited by an unauthenticated attacker to trigger denial-of-service (DoS) condition.
Other SD-WAN vulnerabilities could allow an authenticated attacker to overwrite arbitrary files on the underlying operating system, and execute arbitrary commands with vmanage or root privileges.
Cisco also reported a high severity DoS vulnerability that affects Nexus 9000 series Fabric switches, the issue resides in the implementation of the DHCPv6 feature.
Cisco fixed all the vulnerabilities and confirmed that none of them has been exploited in attacks in the wild.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.