Default and leaky creds, remote code execution and more
In Cisco’s weekly security update list, there are three critical bugs affecting its Elastic Services Controller and Ultra Services Framework.
Switchzilla warns its Elastic Services Controller (a network function virtualisation management environment) has static default credentials that would let a remote attacker log into the controller’s UI.
The credentials are shared between multiple installations, meaning a miscreant “could generate an admin session token that allows access to all instances of the ESC web UI”.
There’s also a privilege escalation bug: the user tomcat has access to shell commands that let that user overwrite any file on the system and elevate their privileges to root.
The first bug in the Ultra Services Framework’s (USF) automation service is an insecure configuration of the Apache ZooKeeper service, which again is remotely exploitable if the attacker can reach the orchestrator network.
The framework also has a bug in its staging server: a goof in shell invocations means an unauthenticated remote attacker can craft “CLI command inputs to execute Linux shell commands as the root user.”
There’s also a credential disclosure bug in the USF’s AutoVNF: it logs admin credentials in clear text, which an attacker can retrieve if they know the logfile’s URL.
The same product also has a symbolic link error that exposes the system to arbitrary file read and malicious code execution.