#VU56260 Improper Authentication in Enterprise NFV Infrastructure Software
Vulnerability identifier: #VU56260
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-287
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Enterprise NFV Infrastructure Software
Server applications /
Virtualization software
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in when processing authentication requests in the TACACS+ authentication, authorization and accounting (AAA) feature. A remote attacker can inject parameters into an authentication request, bypass authentication and log in as an administrator to the affected device.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Enterprise NFV Infrastructure Software: 4.5.1
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nfvis-g2DMVVh
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
