Vulnerability identifier: #VU14681
Vulnerability risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Network Services Orchestrator (NSO)
Web applications /
Remote management & hosting panels
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to the Network Plug and Play component performs incomplete validation when configured to use secure unique device identifiers (SUDI) for authentication. A remote attacker who controls a Cisco device that supports SUDI authentication and has connectivity to an affected NSO system can leverage information about the devices that are being registered on the NSO server to send crafted Cisco Network Plug and Play authentication packets and gain unauthorized access to configuration data for devices that will be managed by the NSO system.
Mitigation
The vulnerability has been fixed in the version 1.3.0.
Vulnerable software versions
Cisco Network Services Orchestrator (NSO): 1.2.0 - 2.0
External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-nso-infodis
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.