Stories
Slash Boxes
Comments

SoylentNews is people

Cisco Warns Of High-Severity Software Defined-Wan Flaws

posted by Fnord666 on Friday March 20 2020, @08:41AM   Printer-friendly
from the little-bobby-tables dept.

Arthur T Knackerbracket has found the following story:

Cisco Systems has fixed three high-severity vulnerabilities in its software-defined networking for wide-area network (SD-WAN) solutions for business users. If exploited, the flaws could enable bad actors to execute commands with root privileges on affected systems. To exploit the vulnerabilities attackers need to first be local and authenticated.

The three flaws are located in various Cisco hardware and software products running the company’s SD-WAN software earlier than Release 19.2.2 (the fixed release). Hardware includes the company’s SD-WAN solutions: vBond and vSmart controllers (which implements network connectivity), the vManage Network Management system (the centralized management platform) and the vBond Orchestrator software (which performs authentication of all elements in the network). Also affected are various vEdge routers, and the corresponding vEdge cloud router platform.

“The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory,” according to Cisco’s Wednesday advisory.

Oblig xkcd: Exploits of a mom

Original Submission

 
This discussion has been archived. No new comments can be posted.
Cisco Warns Of High-Severity Software Defined-Wan Flaws | Log In/Create an Account | Top | 3 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 3, Insightful) by sjames on Friday March 20 2020, @05:09PM (1 child)

    by sjames (2882) on Friday March 20 2020, @05:09PM (#973557) Journal

    Personally, I *AM* against the various soft networks. Not the concept itself, but for the layer of indirection that keeps you from actually understanding what is happening on the network. It doesn't do anything that you couldn't already do with the pre-existing technology, it just adds buzzword compliance.

    Starting Score:    1  point
    Moderation   +1  
       Insightful=1, Total=1
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   3  

  • (Score: 2) by Hyperturtle on Wednesday March 25 2020, @04:25PM

    by Hyperturtle (2824) on Wednesday March 25 2020, @04:25PM (#975522)

    yeah I think this all just makes it harder.

    I know all about this compliance you speak of, and buzzwords sure can make that worse... it just hides the complexity while making it harder for the non-technical to uniformly apply some compliance script to things they might not understand.

    It's already hard enough to meet a (possibly arbitrary) compliance standard without having an easy means to justify the workings some black box that no one knows what happens in it when the wizard is alseep, and their support don't exactly know how it works either.

    SDNs can make a lot of things... easier. More functionality can be made available for cheaper. But watch out if it breaks or there are legal questions (or customer demands about security or privacy) when even the people that support are clueless.

    It's always a good idea to find out if someone knows what is going on under the hood--if not very well, then at least in theory...