August 30, 2019

Urgent Call to Businesses to Patch Critical Cisco Vulnerability

Vulnerability ranked 10 on the CVSS system

By CBR Staff Writer

Businesses should urgently check which routers their networks are using and look to patch them after a critical Cisco vulnerability was identified.

The vulnerability has the highest possible severity rating of 10 on the CVSS system. Its exploitation would let an attacker easily grab the credentials of an authenticated user and use them to escalate attacks on sensitive infrastructure.

The issue affects four Cisco products, which also need to be running its IOS XE Software for the attack to be effective, the company said in a security update.

The vulnerability is due to an improper check performed by the area of code that manages the REST API authentication service.

Critical Cisco Vulnerability Affects These Products

The following four Cisco routers are affected:

  • The Cisco 4000 Series Integrated Services Routers
  • The Cisco ASR 1000 Series Aggregation Services Routers
  • The Cisco Cloud Services Router 1000V Series
  • The Cisco Integrated Services Virtual Router

This vulnerability resides in the Cisco REST API virtual service container.

The networking firm said it has released a fixed version of the REST API virtual service container, along with a hardened Cisco IOS XE Software release that prevents installation or activation of a vulnerable container on a device.


Animesh Jain, Signature Engineer at Qualys, said: “Detecting Cisco REST API Virtual Service Container is enabled on the Device –

    router#show virtual-service detail | include Restful
    Restful API Enabled, UP port: 55443

“If this command does not exist, produces an empty output, or if the string Enabled, UP is absent, the device is not affected by the vulnerability.”

The team at Qualys advocates that companies using Cisco routers scan their environments to check that none of their devices have the issue; any routers running affected software should be updated as quickly as possible.

“Putting a full IT asset inventory process in place, building up accurate data on assets that is kept up to date in real time, helps teams be more proactive in situations like these too. Free tools are available to help companies do this in any case.”
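The check Jain describes can be applied to command output collected from many routers at once. The following is an added example, not code from Qualys or Cisco; the hostnames and sample captures are constructed, and the `% Invalid input` error text for a missing command is an assumption.

```python
import re

ACTIVE_STATE = "Enabled, UP"     # string named in the quoted check
INVALID_CMD = "% Invalid input"  # assumption: IOS error text for an unknown command


def classify(output):
    """Apply the quoted rule to one device's captured command output."""
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    # Ignore the echoed command line if the capture includes it.
    lines = [ln for ln in lines if "show virtual-service" not in ln]
    if not lines:
        return {"needs_review": False, "reason": "empty output", "port": None}
    if any(ln.startswith(INVALID_CMD) for ln in lines):
        return {"needs_review": False, "reason": "command not available", "port": None}
    for ln in lines:
        if "Restful" in ln and ACTIVE_STATE in ln:
            m = re.search(r"port:\s*(\d+)", ln)
            return {"needs_review": True, "reason": "container enabled and up",
                    "port": int(m.group(1)) if m else None}
    return {"needs_review": False, "reason": "'Enabled, UP' absent", "port": None}


def triage(captures):
    """Return the sorted hostnames whose REST API container is enabled and up."""
    return sorted(h for h, out in captures.items() if classify(out)["needs_review"])


# Constructed captures keyed by hypothetical hostname. Only the first output
# line is taken from the article; the "Disabled" line is an invented format.
CMD = "router#show virtual-service detail | include Restful\n"
SAMPLES = {
    "edge-rtr-01": CMD + "Restful API Enabled, UP port: 55443\n",
    "edge-rtr-02": CMD,
    "core-rtr-01": CMD + "        ^\n% Invalid input detected at '^' marker.\n",
    "lab-csr-01": CMD + "Restful API Disabled port: 55443\n",
}

if __name__ == "__main__":
    for host, capture in SAMPLES.items():
        print(host, classify(capture))
    print("follow up on:", triage(SAMPLES))
```

A device flagged here has the container enabled and still needs its container and IOS XE versions compared against the fixed releases in Cisco's security update.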
