Cisco patches severe password reset flaw that lets hackers hijack SSM On-Prem license servers
- by nlqip
In principle, an attacker could use this access to steal licenses, or interfere with or revoke licensed features. However, it’s more likely that a compromise would be used to establish a bridgehead for lateral movement deeper inside the network.
Some better news
There’s an important qualification: any attacker exploiting the flaw would need to initiate a password change to gain access. Given how central licensing is to day-to-day network management, an organization’s admins would surely notice this very quickly. Equally, however, regaining control of a hijacked server would not be quick or easy.
Cisco said that, to date, its product security incident response team (PSIRT) is not aware of any malicious exploits targeting the vulnerability, which indicates that the issue has hopefully been contained.
Source link
lol
In principle, an attacker could use this access to steal licenses, or interfere with or revoke licensed features. However, it’s more likely that a compromise would be used to establish a bridgehead for lateral movement deeper inside the network. Some better news There’s an important qualification: any attacker exploiting the flaw would need to initiate…
Recent Posts
- Discord rolls out end-to-end encryption for audio, video calls
- Europol takes down “Ghost” encrypted messaging platform used for crime
- Phison President Promises AI Training, Tuning With A $50K Workstation
- Canary Trap’s Bi-Weekly Cyber Roundup – Canary Trap
- Cisco CX Leader Denzil Samuels Leaves For Solution Provider Behemoth NTT Data