
Rewterz Threat Advisory – CVE-2020-3382 – Critical Vulnerabilities in Cisco’s DCNM and SD-WAN vManage software

July 30, 2020

Severity

High

Analysis Summary

CVE-2020-3382 – A critical security vulnerability has been found in Cisco Data Center Network Manager (DCNM), a key piece of Cisco's data-center automation software for its widely used MDS and Nexus lines of networking hardware. This critical flaw can be exploited by anyone on the internet. A bug in the REST application programming interface (API) of DCNM could allow anyone on the internet to skip the web interface's login and carry out actions as if they were an administrator of the device. The flaw involves a static key, which attackers can use to generate a valid session token on an affected device and then do whatever they want through the REST API with administrative privileges.

CVE-2020-3374 – Another highly critical flaw has been found in the web interface of Cisco SD-WAN vManage software. It lets a person on the internet with the right credentials bypass authorization and attack a system. From there, attackers could reconfigure a system and knock it offline or access sensitive information. The vulnerability is due to insufficient authorization checking on the affected system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system.

Impact

  • Authentication Bypass
  • Privilege abuse
  • Information disclosure
  • Unavailability of affected system

Affected Vendors

Cisco

Affected Products

  • DCNM software releases 11.0(1), 11.1(1), 11.2(1), and 11.3(1)
  • SD-WAN vManage 18.3 or prior

Remediation

Admins need to install the latest versions of Cisco’s DCNM software releases.

They also need to install fixed releases of Cisco SD-WAN vManage.
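
To decide which hosts need the fixed releases, an asset inventory can be checked against the affected releases listed above. The Python below is an added example, not code from Rewterz or Cisco; the inventory rows are constructed, and counting 18.3.x maintenance builds as "18.3 or prior" is an assumption.

```python
import re

# Affected releases exactly as listed in this advisory.
DCNM_AFFECTED = {(11, 0, 1), (11, 1, 1), (11, 2, 1), (11, 3, 1)}
VMANAGE_LAST_AFFECTED = (18, 3)  # "SD-WAN vManage 18.3 or prior"

def parse_dcnm(version):
    """Parse the 'major.minor(maintenance)' form, e.g. '11.3(1)'."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\((\d+)\)\s*", version)
    if not m:
        raise ValueError(f"unrecognised DCNM version: {version!r}")
    return tuple(int(g) for g in m.groups())

def parse_vmanage(version):
    """Parse a dotted version with at least major.minor, e.g. '18.3.6'."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+)+)\s*", version)
    if not m:
        raise ValueError(f"unrecognised vManage version: {version!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def is_affected(product, version):
    product = product.strip().lower()
    if product == "dcnm":
        return parse_dcnm(version) in DCNM_AFFECTED
    if product == "vmanage":
        # Assumption: compare major.minor only, so 18.3.x counts as 18.3.
        return parse_vmanage(version)[:2] <= VMANAGE_LAST_AFFECTED
    raise ValueError(f"product not covered by this advisory: {product!r}")

def triage(inventory):
    """Label each (host, product, version) row. Anything that cannot be
    parsed is marked 'review' rather than silently treated as safe."""
    rows = []
    for host, product, version in inventory:
        try:
            status = "affected" if is_affected(product, version) else "not listed"
        except ValueError:
            status = "review"
        rows.append((host, product, version, status))
    return rows

# Constructed inventory for illustration (hostnames are hypothetical).
SAMPLE = [("dcnm-01", "DCNM", "11.3(1)"), ("dcnm-02", "DCNM", "11.4(1)"),
          ("vmanage-01", "vManage", "18.3.6"), ("vmanage-02", "vManage", "19.2.2"),
          ("dcnm-03", "DCNM", "11.2.1")]  # last row: wrong format, needs review

if __name__ == "__main__":
    for host, product, version, status in triage(SAMPLE):
        print(f"{host:12} {product:8} {version:10} {status}")
```

A "not listed" result only means the release is absent from this advisory's list; confirm the fixed release against Cisco's own advisory before closing the ticket.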
