Cisco has disclosed a security flaw in one of its products that could have serious consequences. A static password vulnerability in the Cisco Smart Software Manager On-Prem product exposed sensitive parts of the system to remote attackers.

Cisco Disclosed Static Password Vulnerability

Cisco has revealed a serious vulnerability in its Smart Software Manager (SSM) On-Prem product. The vulnerability, CVE-2020-3158, exists in the product's High Availability (HA) service and exposes sensitive parts of the system to unauthenticated remote attackers.

As described in the advisory, the vulnerability exists because the HA service shipped with a default, static password. Any remote attacker could therefore use the default account to connect to the system and gain access to sensitive locations.

A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of an affected device. The attacker would gain access to a sensitive portion of the system but would not have full administrative rights to control the device.

Flaw Patched – Update Now

The vulnerability was found by Steven Van Loo of hIQkru, whom Cisco acknowledged for reporting the flaw.

Cisco stated that this bug affects all Cisco Smart Software Manager On-Prem releases earlier than 7-202001. However, the vulnerability is exploitable only when the HA feature is enabled.

Cisco fixed the flaw in Cisco SSM On-Prem 7-202001 and later releases. Besides releasing the patch, the vendor has also confirmed that it is not aware of any active exploitation of the flaw.

This static password vulnerability is the only flaw Cisco has reported so far in February with a critical severity rating. While Cisco has fixed numerous vulnerabilities in different products, as revealed through its advisories, all of the others received a medium or high severity rating.

In January, however, Cisco fixed a critical security flaw in Firepower Management Center (FMC) that could allow remote code execution.

Let us know your thoughts in the comments.