Cisco flaw leaves small business networks vulnerable

walden, system, systems, walden systems, rita, firewall, port, forward, up, protect, intrusion, security, traffic, DMZ, block, protection, walden systems, walden, systems, network, fire, wall, hack, intrusion, cisco, router, network, switch, hub, IoT, traffic, marriot, data breach, passport, darthminer, crypto, mac, cisco, soho
Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.

A default configuration allows full admin access to unauthenticated users. A critical and unpatched vulnerability in the widely used Cisco Small Business Switch software leaves a gaping hole for remote, unauthenticated hackers to be able gain full administrative control over the device. Cisco Small Business Switches were developed for small office and home office environments, to manage and control small local area networks with no more than a handful of workstations. They come in cloud-based, managed and unmanaged version and is an affordable solution for small businesses.

The vulnerability (CVE-2018-15439), which has a critical base CVSS severity rating of 9.8, is because the default configuration on the devices includes a default, privileged user account that is used for the initial login and cannot be removed from the system. An administrator can disable this account by configuring other user accounts with access privilege set to level 15. However, if all user-configured privilege level 15 accounts are removed from the device configuration, it re-enables the default privileged user account without notifying administrators of the system. Under these circumstances, a hacker can use this account to log in and execute commands with full admin rights.


Since the switches are used to manage a LAN, a successful attack means that a hacker would gain access to network security functions such as firewalls, as well as the management interface for administering voice, data and wireless connectivity for network devices. There's currently no patch to fix the vulnerability. There is, however, a simple workaround. Add at least one user account with access privilege set to level 15 in the device configuration. Users can configure an account by using admin as user ID, setting the access privilege to level 15. Also define the password by replacing strong_password with a complex password. When you add this user account, the default privileged account will be disabled.

The vulnerability affects Cisco Small Business 200 Series Smart Switches, 250 Series Smart Switches, 300 Series Managed Switches, 350 Series Managed Switches, Cisco 350X Series Stackable Managed Switches, 500 Series Stackable Managed Switches and 550X Series Stackable Managed Switches. The Cisco 220 Series and 200E Series Smart Switches aren't affected, and neither are devices running Cisco IOS Software, Cisco IOS XE Software or Cisco NX-OS Software, according to the networking giant.