”Forged DNA”: Cisco DNA Center Bug Opens Enterprises to Remote Attack

cisco dna center

A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the Cisco Digital Network Architecture (DNA) center, which could put enterprise users at risk of remote attacks and takeovers.

CVE-2021-1257 as it is designated, is present in the web management interface of the Cisco DNA Center. This web interface is a centralised network-management and orchestration platform for Cisco DNA. It carries a CVSS vulnerability-severity with a score of 7.1, making it high-severity.

Versions prior to 2.1.1.0 are affected due to a lack of CSRF protection. An attacker could use social engineering to trick a web-based management user into following a specially crafted link, via a phishing email or chat. If the user clicks on the link, the attacker can then perform arbitrary actions on the device with the privileges of the authenticated user.

The impact:

CSRF attacks force end-users to execute actions that are not intended by the user on a web application. This happens in the context of their authentication, the more permissions a user has and the more dangerous a CSRF is.

The presence of the CSRF in the CISCO DNA Center could allow an unauthenticated, remote attacker to seize control of an authenticated user account.

The remediation:

The vulnerability received a patch in CISCO DNA Center Software releases 2.1.1.0, 2.1.2.0, 2.1.2.3, and 2.1.2.4, as well as later versions. It is recommended that those running the vulnerable software version patch to the latest version as soon as possible.

As of the time of this article, version 2.1.2.x is the latest version.

Source: Threat Post

Risk Crew