SoylentNews is people

posted by martyb on Saturday January 25 2020, @11:40AM
from the Quis-custodiet-ipsos-custodes? dept.

Cisco Warns of Critical Network Security Tool Flaw:

A critical Cisco vulnerability exists in its administrative management tool for Cisco network security solutions. The flaw could allow an unauthenticated, remote attacker to gain administrative privileges on impacted devices.

The flaw exists in the web-based management interface of the Cisco Firepower Management Center (FMC), which is its platform for managing Cisco network security solutions, like firewalls or its advanced malware protection service. Cisco has released patches for the vulnerability (CVE-2019-16028), which has a score of 9.8 out of 10 on the CVSS scale, making it critical in severity.

“The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” Cisco said in its advisory released Wednesday.

[...] The vulnerability stems from “improper handling” of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. LDAP is an industry standard application protocol used to access and manage directory information over an IP network.

LDAP is used for a variety of functions within FMC, such as FMC Web Management Portal Authentication, Remote Access VPN Authorization, command line interface authorization, and others. This vulnerability impacts only the FMC Web Management Portal if it is configured to authenticate users of the web management portal through an external LDAP server.

An attacker could exploit this vulnerability by sending crafted HTTP requests to a vulnerable device, Cisco said. They could then bypass authentication and gain administrative access to the web-based management interface of the affected device.

[...] According to Omar Santos, principal engineer for the Cisco PSIRT, Cisco customers can do the following to determine whether they are impacted:

  • Check if the Cisco FMC Software is configured to authenticate users of the web-based management interface through an external LDAP server;
  • Check if external authentication using an LDAP server is configured on the device (System > Users > External Authentication)

  • (Score: 2) by NickM (2867) on Saturday January 25 2020, @10:52PM (#948632)

    Now, F it, some NoSQL thing in the cloud costing $7/month could probably handle the entire planet having ID records.

    LDAP is the most ubiquitous NoSQL DB. I am surprised that you know about the PDU yet appear completely oblivious to the NoSQuality of LDAP.

    You also seem to ignore that LDAP replaced a monster called X.500, hence the Lightweight part of the name. There are no competing standards to LDAP. SAML2 is the closest one and it only concerns itself with the authentication and attribute release part of LDAP. It is also a beast of a protocol and doesn't replace the directory aspect of LDAP while managing to be even more complex. What interoperable protocols have you in mind to replace LDAP?

    --
    I a master of typographic, grammatical and miscellaneous errors !
  • (Score: 0) by Anonymous Coward on Monday January 27 2020, @05:18AM (#949199)

    Digging back into my memory, but isn't LDAP technically an object-oriented database? If so, I could see how, depending on your exact schema of the OODB, you could translate it to a comparative relational DB. Although, I do wonder now what the different implementations use.

    Great, now I have to go down that rabbit hole and forgot the rest of my comment.