The American multinational technology conglomerate corporation Cisco Systems, based in San Jose, California – has published six security patches for its high-end 9000 series networking gear, spanning in severity from critical, high, and medium.
Cisco Systems designs, produce and distributes networking gear, software, telecom equipment, and a variety of other high-tech products and services.
Cisco fixed one of the most critical flaws (ranked 9.1 out of 10) that might enable a hostile and unauthorized attacker to read or write arbitrary files on an application protocol interface used in Cisco 9000 series switches meant to operate its software-defined networking data center solutions.
Cisco additionally patched two high-severity Nexus 9000 flaws (CVE-2021-1586 and CVE-2021-1523) as well as three medium-severity flaws (CVE-2021-1583, CVE-2021-1584, CVE-2021-1591). Each of the high-severity flaws (also with a CVSS base score of 8.6) are denial of service issues.
The significant vulnerability, CVE-2021-1577, patched affects the Cisco Application Policy Infrastructure Controller (APIC) and the Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC). APIC is the primary architectural element of the Cisco Application Centric Infrastructure, which is operated on a Cisco Nexus 9000 Series node.
In a variety of diminutive form factors, the Cisco Nexus 9000 Series combines established high performance and compactness, low latency, and outstanding power efficiency. They can run in either Cisco NX-OS Software or Application Centric Infrastructure (ACI) mode. They are suitable for both conventional and completely automated data center setups.
Cisco describes a second high-severity Nexus 9000 series flaw as a loophole within the Fabric Switches ACI Mode Queue Wedge.
“This vulnerability is due to improper access control. An attacker could exploit this vulnerability by using a specific API endpoint to upload a file to an affected device,” wrote Cisco in its Wednesday security bulletin. Affected products are Cisco APIC and Cisco Cloud APIC.
Cisco stated that countermeasures are present for each of the flaws and that it is unaware of any widely available exploits for all those problems that have been fixed, as with all of the flaws and solutions published on Wednesday. The fix released on Wednesday 25th of August was included in the Cisco “bundled publication” of security improvements for its Firepower eXtensible Operating System and Linux kernel compatible NX-OS software.
“A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to unexpectedly restart the device, resulting in a denial of service (DoS) condition,” wrote Cisco.
Following the implementation of the patches, Cisco advises that the solution for this flaw needs “a manual intervention to power-cycle the device to recover.” Fabric switches from the generation 1 model N9K (Nexus 9000) series are the ones compromised.