Walden Systems Geeks Corner News Cisco Flaw Allow Remote Control of Routers Rutherford NJ New Jersey NYC New York City North Bergen County

Cisco Flaw Allow Remote Control of Routers

Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.

A remote authentication-bypass vulnerability in Cisco routers have received the highest possible severity level of 10 out of 10 on the CvSS scale. It has been found in the Cisco REST API virtual service container for Cisco IOS XE Software. CVE-2019-12643 affects hardware running the REST API interface. These routers includes Cisco 4000 Series Integrated Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, Cisco Cloud Services Router 1000V Series, and Cisco Integrated Services Virtual Routers.

The flaw could allow an unauthenticated, remote hacker to bypass authentication on a managed Cisco IOS XE device, and get full control of it. Code-execution and other attacks are possible. According to a Cisco advisory, the vulnerability is due to an improper check performed by the area of code that manages the REST API authentication service. An attack could allow the hacker to get the token-id of an authenticated user. This token-id could be used to bypass authentication and execute privileged actions through the REST API API in the virtual service container on the affected Cisco IOS XE device.

The REST API container is an application that provides a set of RESTful APIs as an alternative method to manage devices running Cisco IOS-XE Software. It is located in a virtual services container, which is a virtualized environment running on the host device. It is also referred to as a virtual machine, virtual service, or container. The REST API virtual service is not a native capability within Cisco IOS XE, but it is delivered as an open virtual application package file. The REST API interface is not enabled by default and must be installed and activated separately on IOS XE devices.

For companies that have enabled REST API, Cisco has patched the bug in the latest software release, and has released a hardened Cisco IOS XE Software version that prevents installation or activation of a vulnerable container on a device from now on. If the device was already configured with an active vulnerable container, the IOS XE Software upgrade will deactivate the container. In order to restore the REST API functionality, organizations should upgrade the Cisco REST API virtual service container to a fixed software release.