
WARNING: Critical access control vulnerability in Cisco SD-WAN vManage API

Reference: Advisory #2023-82
Version: 1.0
Affected software: Cisco SD-WAN vManage API
Type: Access control vulnerability
CVE/CVSS: CVE-2023-20214 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Sources

Risks

A critical access control vulnerability in the request authentication validation of the Cisco SD-WAN vManage API could allow an unauthenticated, remote attacker to gain read permissions or limited write permissions to the configuration of an affected Cisco SD-WAN vManage instance.

This could allow an attacker to modify the configuration of devices managed by the Cisco SD-WAN vManage instance. In addition, the attacker could gain valuable intelligence about the devices used in the environment, which could lead to follow-up attacks targeting vulnerable devices.

Description

CVE-2023-20214 is an access control vulnerability (CWE-284) caused by insufficient request validation when using the REST API feature. An attacker could exploit this vulnerability by sending a crafted API request to a remotely accessible affected vManage instance. A successful exploit could allow the attacker to retrieve information from and send information to the configuration of the affected Cisco vManage instance.
It is important to note that this vulnerability only affects the vManage API and not the web-based management interface or the CLI.

Recommended actions

The Centre for Cyber Security Belgium strongly recommends that system administrators take the following actions:

Cisco SD-WAN vManage:

  • 20.6.3.3  => Update to v20.6.3.4
  • 20.6.4    => Update to v20.6.4.2
  • 20.6.5    => Update to v20.6.5.5
  • 20.7      => Migrate to a fixed release
  • 20.8      => Migrate to a fixed release
  • 20.9      => Update to v20.9.3.2
  • 20.10     => Update to v20.10.1.2
  • 20.11     => Update to v20.11.1.2

There are no workarounds available, but Cisco recommends reducing the attack surface by enabling access control lists to limit access to the vManage instance.
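
One way to check that such an access control list is effective, as an added example (not part of the advisory or of Cisco's tooling): audit a web or proxy access log for REST API requests from sources outside the permitted management networks. The log layout, the network ranges, the sample lines and the `/dataservice/` API path prefix are assumptions to adapt to your environment.

```python
import ipaddress
import re

# Assumption: management networks the ACL is meant to permit (constructed values).
ALLOWED_NETS = [ipaddress.ip_network(n) for n in ("10.10.0.0/24", "192.0.2.16/28")]
# Assumption: REST API requests are served under this path prefix.
API_PREFIX = "/dataservice/"

# Constructed sample log: source - [time] "METHOD path protocol" status
SAMPLE_LOG = """\
10.10.0.15 - [12/Jul/2023:09:01:12 +0000] "GET /dataservice/example HTTP/1.1" 200
203.0.113.77 - [12/Jul/2023:09:03:40 +0000] "GET /dataservice/example HTTP/1.1" 200
203.0.113.77 - [12/Jul/2023:09:03:44 +0000] "GET /index.html HTTP/1.1" 200
198.51.100.9 - [12/Jul/2023:09:05:02 +0000] "POST /dataservice/example HTTP/1.1" 403
not a log line
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) - \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})$'
)

def is_allowed(src):
    """True if src parses as an IP address inside an allowed network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source: treat as not allowed
    return any(addr in net for net in ALLOWED_NETS)

def audit(log_text):
    """Return API requests whose source is outside the allowed networks."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or not m["path"].startswith(API_PREFIX):
            continue  # malformed line, or not an API request
        if is_allowed(m["src"]):
            continue
        findings.append({
            "src": m["src"], "time": m["ts"],
            "method": m["method"], "path": m["path"],
            # A 2xx status means the request was served, so the ACL did not block it.
            "reached_api": m["status"].startswith("2"),
        })
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f)
```

Findings with `reached_api` set to true are the ones to investigate first, since they show the API answering a source the ACL should have excluded.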

 

References