Home → News → Flaws Discovered in Cisco's Network Operating System... → Full Text

Flaws Discovered in Cisco's Network Operating System for Switches

By The Hacker News

February 28, 2022

[article image]

Technology conglomerate Cisco has issued software patches to correct four security flaws that hackers could exploit to commandeer affected systems.

The most critical patch fixes a command injection flaw in the NX-API feature of Cisco NX-OS software, stemming from insufficient input validation of user-supplied data.

Cisco warned, "A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system."

Other bugs the patches target include two high-severity denial-of-service (DoS) vulnerabilities in NX-OS in the Cisco Fabric Services Over IP and Bidirectional Forwarding Detection traffic functions.

The fourth patch corrects a DoS flaw in the Cisco Discovery Protocol service of Cisco FXOS Software and Cisco NX-OS Software, which could "allow an unauthenticated, adjacent attacker to cause the service to restart, resulting in a denial of service condition.

From The Hacker News
View Full Article


Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA


No entries found