On May 16th, Cisco released a number of security announcements that it had fixed three high-risk vulnerabilities in the Digital Network Architecture (DNA) Center, including unauthorized access and security certification bypass.
Vulnerability Overview
DNA Center Authentication Bypass Vulnerability (CVE-2018-0271)
- CVSS Base 10.0
A vulnerability in the Cisco (DNA) Center’s API Gateway may allow unauthenticated remote attackers to bypass authentication and access critical services.
The vulnerability stems from not normalizing the URL before the service request. An attacker could exploit this vulnerability by submitting a well-designed URL. A successful attack may allow an unauthorized attacker to gain access to critical services.
Affected version
- Cisco DNA Center Software Releases < 1.1.2
Unaffected version
- Cisco DNA Center Software Releases >= 1.1.2
Reference link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dna2
DNA Center Static Credentials Vulnerability (CVE-2018-0222)
- CVSS Base 10.0
This vulnerability could allow an unauthorized remote attacker to log in to the system when the system administrator’s account is using the default static user credentials.
This vulnerability is due to undocumented static user credentials for the software’s default administrative account. An attacker could exploit this vulnerability by using this account to log in to the affected system. A successful attack may allow an attacker to log in to the affected system and execute arbitrary commands with root privileges.
Affected version
- Cisco DNA Center Software Releases < 1.1.3
Unaffected version
- Cisco DNA Center Software Releases >= 1.1.3
Reference link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dnac
- CVSS Base 10.0
A vulnerability in the Cisco (DNA) Center’s container management subsystem could allow unauthenticated remote attackers to bypass authentication and gain elevated privileges.
This vulnerability stems from the fact that the default configuration of the Kubernetes container management subsystem in the DNA Center is not secure. Attackers who have access to the Kubernetes service port can use elevated privileges to execute commands in the provided container. Successful use may result in complete leakage of the affected container.
Affected version
- Cisco DNA Center Software Releases <= 1.1.3
Unaffected version
- Cisco DNA Center Software Releases >= 1.1.4
Reference link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dna
Solution
Cisco official version has been released to fix the above loopholes, affected users should upgrade as soon as possible protection.
Users can query the version of Cisco DNA Center Software they are using by following these steps:
- Log in to the Cisco DNA Center GUI using a browser that supports HTTPS.
- On the home page of the DNA Center, click the Settings (gear) icon and then click on “About DNA Center”.
- The current software version is displayed in the System version.
