Proof-of-Concept Exploit Code Release Leads to Cisco Patching Critical Flaw

Author: Melodie Foster

Date: 18th November 2020

Sensitive information can be accessed by remote, unauthenticated attackers due to a critical path-traversal flaw in Cisco’s Security Manager. A proof-of-concept exploit code was published for the critical flaw which led to Cisco hurrying out a patch released the next day.

Cisco Security Manager is a security management application for enterprise administrators which lets them control different security policies, troubleshoot security issues and manage a range of devices. Therefore, for the application to have a vulnerability that could potentially allow remote, unauthenticated attacker to access sensitive data, it has been rated critical. It is been given a CVSS score of 9.1 out of 10.

Cisco said about the flaw, “An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to download arbitrary files from the affected device.”

The vulnerability is due to the improper validation of directory traversal character sequences within requests to an affected device according to Cisco. If an attacker manipulates variables references files with “../” sequences it is possible to access arbitrary files and directories stored on the files system including application source code or critical systems files[1].

[1] https://threatpost.com/critical-cisco-flaw-sensitive-data/161305/

Other resources

Cyberfort Colocation Services

Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.

Proof-of-Concept Exploit Code Release Leads to Cisco Patching Critical Flaw

Author: Melodie Foster

Date: 18th November 2020

Other resources

Cyberfort Colocation Services

What can Cyberfort do for you?

Cyberfort Deep Dives

Recent Posts

Recent Comments

Archives

Categories

Meta