back to article SD-WAN admin? Your number came up in Cisco's latest bug list

Cisco's irregular patch cycle has come round again and this time the focus is on the company's SD-WAN product. As well as high-rated bugs in Webex, small business routers and various security products, Switchzilla has disclosed one critical bug in its SD-WAN, and another four vulnerabilities rated high. That critical rating …

  1. _LC_
    Facepalm

    Needless to say

    Needless to say that it’s Huawei we need to worry about. ;-)

  2. Anonymous Coward
    Anonymous Coward

    Are these mistakes, or back doors?

    I mean really, Cisco is supposed to be the big dog, the one that has the engineers and an industry standard. But their exploits are so powerfull that it just feels like a lot of these are backdoors that they decided to close once they got into the wild, to prevent loosing business. Makes me wonder just how many backdoors there are into their products. They should start password protecting these, maybe work with RSA (another week backdoor maker) and come up with a semi secure backdoor using both their products. Bah, doesn't matter, as the NSA says - All your data are belong to U.S.

  3. CheesyTheClown

    Starting points for security researchers

    CDP on IOS-XE: remote code execution

    I reported this but got blown off 18 months ago. Using any XE image 3.12 or later, especially on switches, single-step the CDP module to find an overflow. In some versions, the kernel segfaults (overflow) simply parsing changes to native vlan changes from the remote. CSR1000v can be used to reproduce. The error is probably in misuse of sk_buff and Alan Cox's psnap module.

    SAML on ISE Man in the middle

    Reported this two years ago, got blown off. ISE's SAML implementation incorrectly reports SAML versioning in their schema when identifying the Sp. This is due to hard coded values and ignoring settings from the IDp. It seems that the SAML service also ignores updated authentication tokens. Turn on verbose logging and intercept packets in transit between ISE and AD FS... alter packets and fake signatures to reproduce.

    ISE Web Portal

    just message me for a really long list. I'm typing with a mouse because my keyboard batteries died.

    Cisco only cares about security after it's a public CVE

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019