CISCO IOS XE DEVICES UPDATE

Cisco this week said it issued a software update to address a vulnerability in its Cisco REST API virtual service container for Cisco IOS XE software that scored a critical 10 out of 10 on the Common Vulnerability Scoring System (CVSS).

With the vulnerability, an attacker could submit malicious HTTP requests to the targeted device and, if successful, obtain the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device, the company said.

According to Cisco, the REST API is an application that runs in a virtual services container. A virtual services container is a virtualized environment on a device and is delivered as an open virtual application (OVA). The OVA package has to be installed and enabled on a device through the device virtualization manager (VMAN) CLI.

The Cisco REST API provides a set of RESTful APIs as an alternative method to the Cisco IOS XE CLI to provision selected functions on Cisco devices.

Cisco said the vulnerability can be exploited under the following conditions:

- The device runs an affected Cisco IOS XE Software release.
- The device has installed and enabled an affected version of the Cisco REST API virtual service container.
- An authorized user with administrator credentials (level 15) is authenticated to the REST API interface.

The REST API interface is not enabled by default. To be vulnerable, the virtual services container must be installed and activated. Deleting the OVA package from the device storage memory removes the attack vector.