Global Market

Cisco identifies vulnerability in ISE network access control devices

Cisco

Johannes Ullrich, dean of analysis on the SANS Institute, stated, “Most probably, that is an XML Exterior Entity vulnerability.” Exterior entities, he defined, are an XML function that instructs the parser to both learn native recordsdata or entry exterior URLs. On this case, an attacker might embed an exterior entity within the license file, instructing the XML parser to learn a confidential file and embrace it within the response. It is a frequent vulnerability in XML parsers, he stated, sometimes mitigated by disabling exterior entity parsing.

An attacker would have the ability to acquire learn entry to confidential recordsdata like configuration recordsdata, he added, and probably person credentials. Ullrich additionally stated an ISE administrator could have entry to numerous the data, however they need to not have entry to person credentials.

The Cisco advisory says an attacker might exploit this vulnerability by importing a malicious file to the appliance: “A profitable exploit might permit the attacker to learn arbitrary recordsdata from the underlying working system that would embrace delicate information that ought to in any other case be inaccessible even to directors. To take advantage of this vulnerability, the attacker should have legitimate administrative credentials.”

Cisco stated proof-of-concept exploit code is out there for this vulnerability, however up to now the corporate isn’t conscious of any malicious use of the outlet. 

Today, admin credentials aren’t onerous to get, Harrington famous. The “soiled secret that few individuals wish to discuss is throughout IT and safety operations there are such a lot of techniques which are left with default credentials.” That’s notably frequent, he stated, with gadgets behind a firewall, akin to community entry management servers, as a result of admins suppose as a result of they’re contained in the community they’ll’t be touched by exterior hackers. However plenty of credentials might be scooped up in compromises of functions the place Cisco admins may need saved passwords.

See also  Auvik adds visualization tool to its network management platform

Associated content material: Cisco warns of three critical ISE vulnerabilities

Source link

TAGGED: , , , , , , ,
Share This Article
Previous Article Marvell to acquire XConn, boosting AI data centre connectivity Marvell to acquire XConn, boosting AI data centre connectivity
Next Article Schneider Electric appoints Matthew Baynes VP of data centre division Schneider Electric appoints Matthew Baynes VP of data centre division
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Your Trusted Source for Accurate and Timely Updates!

Our commitment to accuracy, impartiality, and delivering breaking news as it happens has earned us the trust of a vast audience. Stay ahead with real-time updates on the latest events, trends.
- Advertisement -
Ad image

Popular Posts

StorPool Boosts CloudStack Integration to Meet VMware Client Demands

StorPool Storage says, as a consequence of growing demand from VMware purchasers, it has expanded

PuppyGraph Raises $5M in Seed Funding

PuppyGraph, a San Francisco, CA-based graph question engine firm, raised $5M in Seed funding. The

Retrieval-augmented generation, step by step

Typically, the use of large language models (LLMs) in the enterprise falls into two broad categories. The

The code whisperer: How Anthropic’s Claude is changing the game for software developers

Be part of our every day and weekly newsletters for the most recent updates and

Hacker arrested for the fake SEC tweet that caused a Bitcoin price spike

The FBI has arrested an Alabama man who's accused of hacking the Securities and Trade