Cisco Issues Critical Fixes for High-End Nexus Gear

Cisco Critical Fixes
Share It On:

28th August 2021, Kathmandu

Networking giant issues two critical patches and six high-rigor patches.

Cisco Systems relinquished six security patches tied to its high-end 9000 series networking gear ranging in paramountcy from critical, high, and medium rigor.

The most earnest of the bugs patched by Cisco (rated 9.1 out of 10) could sanction a remote and unauthenticated adversary to read or inscribe arbitrary files onto an application protocol interface utilized in Cisco 9000 series switches designed to manage its software-defined networking data center solution.

This critical susceptibility, tracked as CVE-2021-1577, impacts Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC). APIC is the main architectural component of the Cisco Application Centric Infrastructure, which runs on the Cisco Nexus 9000 Series node.

 “This susceptibility is due to incongruous access control. An assailer could exploit this susceptibility by utilizing a concrete API endpoint to upload a file to an affected contrivance,” indited Cisco in its Wednesday security bulletin. Affected products are Cisco APIC and Cisco Cloud APIC.

As with each of the bugs and fine-tunes promulgated Wednesday, Cisco verbally expressed mitigations are available for each of the susceptibilities and it is not vigilant of any publicly kenned exploits for those bugs patched. The relinquishment Wednesday, which included 15 patches in all, was a component of a Cisco “bundled publication” of security fine-tunes for its Firepower Extensible Operating System and is Linux kernel compatible NX-OS software.

A Nexus of Bug Fine-tunes

Cisco additionally addressed two high-rigor Nexus 9000 bugs (CVE-2021-1586, CVE-2021-1523) and three medium-rigor imperfections (CVE-2021-1583, CVE-2021-1584, CVE-2021-1591). The two high-rigor bugs (both with a base CVSS score of 8.6) are denial of accommodation imperfections.

“A susceptibility in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could sanction an unauthenticated, remote assailer to unexpectedly restart the contrivance, resulting in a denial of accommodation (DoS) condition,” inscribed Cisco.

A second high-rigor Nexus 9000 series susceptibility is described by Cisco as an imperfection in its Fabric Switches ACI Mode Queue Wedge.

“[The imperfection] could sanction an unauthenticated, remote assailant to cause a queue wedge on a leaf switch, which could result in critical control plane traffic to the contrivance being dropped. This could result in one or more leaf switches being abstracted from the fabric,” Cisco noted.

Cisco notes that mitigation for this bug requires “a manual intervention to power-cycle the contrivance to recover” after patches have been applied. Affected are generation 1 model N9K (Nexus 9000) series fabric switches.

Critical QNX ‘BadAlloc’ Bugs – Nothing to Visually perceive Here

On Wednesday, Cisco relinquished a second critical advisory for its gear tied to a QNX operating system bug, reported on August 17 by BlackBerry. That bug, according to BlackBerry, could sanction threat actors to surmount or launch denial of accommodation attacks on contrivances and critical infrastructure by exploiting what is called BadAlloc bugs. QNX is BlackBerry’s genuine-time OS, utilized in embedded systems such as automobiles, medical contrivances, and handsets.

While Cisco verbally expresses none of its products are impacted by the QNX bug, it has rated the advisory as critical. “Cisco has consummated its investigation into its product line to determine which products may be affected by this susceptibility. No products are kenned to be affected,” it indited.

The Cisco advisory outlines switch and router products that “leverage the affected QNX software”, however “Cisco has corroborated that the susceptibility is not exploitable on these platforms.”

Cisco products running QNX include:

  • Channelized shared port adapters (SPAs) (CSCvz34866)
  • Circuit Emulation over Packet (CEOP) SPAs (CSCvz34865)
  • IOS XR 32-bit Software (CSCvz34871)

Note: IOS XR 64-bit Software does not leverage QNX software.

  • RF Gateway 10 (CSCvz34869)

Share It On:

Recent Posts

Gaur’s Bajaj Mileage Champion: A Testament to Platina’s Fuel Efficiency

Gaur’s Bajaj Mileage Champion: A Testament to Platina’s Fuel Efficiency

Share It On:26th November 2024, Kathmandu The Bajaj Mileage Champion event was successfully concluded in Gaur, Rautahat, bringing together Bajaj

Melaka ICT Holdings Awarded (MICTH) Asia’s Most Promising SMEs for Smart City & Digital Transformation Leadership

Melaka ICT Holdings Awarded (MICTH) Asia’s Most Promising SMEs for

Share It On:Melaka ICT Holdings Sdn Bhd (MICTH), a key player in enhancing the digital and telecommunications landscape of Melaka,

Airple Revolutionizes Aircon Maintenance with New Website & App – Book, Track, and Manage Services Effortlessly

Airple Revolutionizes Aircon Maintenance with New Website & App –

Share It On:26th November 2024, Kathmandu On October 4, 2024, Airple, a leader in air conditioning installation, repair, and aircon

“Medical Elite: Regenerative Medicine” – Discover Stem Cell Therapy’s Potential on Discovery Channel

“Medical Elite: Regenerative Medicine” – Discover Stem Cell Therapy’s Potential

Share It On:26th November 2024, Kathmandu A riveting new documentary, Medical Elite: Regenerative Medicine, featuring Japan’s premier STEMCELL Co., Ltd,

Robert Walters Digital Salary Survey 2025: Insights on Hong Kong Job Market, In-Demand Roles, and Salary Trends

Robert Walters Digital Salary Survey 2025: Insights on Hong Kong

Share It On:26th November 2024, Kathmandu Hong Kong’s job market has experienced significant challenges over the past year, with layoffs

CNI Appoints Birendra Raj Pandey as Senior Vice President

CNI Appoints Birendra Raj Pandey as Senior Vice President

Share It On:26th November 2024, Kathmandu Birendra Raj Pandey has been appointed as the Senior Vice President of the Confederation