
Cisco Fixes Multiple Catalyst Vulnerabilities

By Kevin McLaughlin, CRN
February 28, 2007    6:42 PM ET

Several of Cisco Systems' Catalyst line of switches and routers contain a vulnerability that could be leveraged by attackers to gain complete control over an affected system, the San Jose, Calif.-based networking giant said Wednesday.

Cisco Catalyst 6000 and 6500 switches and Cisco 7600 series routers that have a Network Analysis Module (NAM) installed are susceptible to a Simple Network Management Protocol (SNMP) communication spoofing vulnerability, according to a Cisco advisory.

By spoofing the SNMP communication between the Catalyst system and the NAM, an attacker could take complete control of the Catalyst system, Cisco noted. The flaw affects routers that run Cisco's Internetwork Operating System (IOS) and Catalyst Operating System (CatOS).

NAMs provide integrated network traffic monitoring and analysis from local and remote switches and routers and give insight into which applications are running and how they're performing.

Hackers are increasingly trying to access components of devices and systems that haven't been traditional attack vectors, which is likely why Cisco feels it's important to patch this type of vulnerability, said Chris Labatt-Simon, president and CEO of D&D Consulting, an Albany, N.Y.-based Cisco solution provider.

Labatt-Simon added that the modular architecture Cisco uses helps mitigate security vulnerabilities by restricting their impacts to specific components. "There are no unusual targets these days with regard to vulnerabilities: Today we have to assume that everything is fair game," he said.

Cisco issued a patch for the SNMP spoofing vulnerability and gave it a CVSS base score of 10, while Symantec Deepsight also gave it a 10.

Since their launch about seven years ago, Catalyst 6500 switches have topped $20 billion in sales, and the modules Cisco uses to integrate services such as security and VoIP into the Catalyst 6500 platform provide lower total cost of ownership, according to solution providers.

In a separate Wednesday advisory, Cisco said an attacker could trigger a denial of service attack on Catalyst 6000, 6500 and 7600 series switches and routers by sending a rigged Multi Protocol Label Switching (MPLS) packet to an affected system.

MPLS integrates Layer 2 information about network links into Layer 3 within a service provider network to boost efficiency of IP packet exchange and allow ISPs to offer more scalability and service diversity to customers.

Cisco said the flaw affects Catalyst 6000, 6500 and Cisco 7600 systems running a hybrid of CatOS on the Supervisor Engine and IOS on the Multilayer Switch Feature Card (MSFC), as well as Catalyst 6500 systems running with Cisco IOS software modularity.

Cisco gave the MPLS flaw a CVSS base score of 3.3, but Symantec Deepsight rated its severity as 6.2 on its proprietary 10-point scale.

