Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.
An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
“This vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. An attacker could exploit this vulnerability by injecting parameters into an authentication request. A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device,” Cisco warned in the advisory.
The Critical rated vulnerability CVE-2021-34746 (CVSS score or 9.8) affects Cisco Enterprise NFVIS Release 4.5.1 if the TACACS external authentication method is configured.
Moreover, administrators can run the show running-config tacacs-server command to discover if the TACACS external authentication feature is enabled. If the command results show “No entries found,” then the feature is not enabled.
An update was released on September 1, 2021 to address the issue.
In addition, Cisco also released Medium severity patches for additional products from September 1 through September 3 this week:
- Cisco Firepower Device Manager On-Box Software Remote Code Execution Vulnerability (CVE-2021-1518)
- Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability (CVE-2021-34733)
- Cisco Prime Collaboration Provisioning Cross-Site Scripting Vulnerability (CVE-2021-34732)
- Cisco Identity Services Engine Cross-Site Scripting Vulnerability (CVE-2021-34759)
- Cisco Nexus Insights Authenticated Information Disclosure Vulnerability (CVE-2021-34765).
Finally, Cisco also published a High risk advisory for OpenSSL vulnerabilities (CVE-2021-3449 and CVE-2021-3450) on August 31. The latest update added a fix for Webex Room Phone after other Cisco products were patched earlier this year.
OpenSSL had patched the two High severity OpenSSL vulnerabilities back in March in certain OpenSSL versions. As a result, a bad actor could exploit and launch a Denial of Service attack against impacted systems.
On a similar note, QNAP and other network storage makers have issued security advisories for OpenSSL remote code execution and denial-of-service (DoS) vulnerabilities that impact its network-attached storage (NAS) devices.
Readers can also check out Cisco’s security advisories page for more details on most recent Cisco product vulnerabilities and mitigations.
- Cisco releases security update for Critical UPnP vulnerability in small business routers
- Cisco warns of active exploits against Cisco ASA XSS vulnerability (CVE-2020-3580)
- Cisco patches vulnerabilities in HyperFlex HX, SD-WAN and other products
- Cisco patches AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366)