Cisco patches severe password reset flaw that lets hackers hijack SSM On-Prem license servers
- by nlqip
In principle, an attacker could use this access to steal licenses, or interfere with or revoke licensed features. However, it’s more likely that a compromise would be used to establish a bridgehead for lateral movement deeper inside the network.
Some better news
There’s an important qualification: any attacker exploiting the flaw would need to initiate a password change to gain access. Given how central licensing is to day-to-day network management, an organization’s admins would surely notice this very quickly. Equally, however, regaining control of a hijacked server would not be quick or easy.
Cisco said that, to date, its product security incident response team (PSIRT) is not aware of any malicious exploits targeting the vulnerability, which indicates that the issue has hopefully been contained.
Source link
lol
In principle, an attacker could use this access to steal licenses, or interfere with or revoke licensed features. However, it’s more likely that a compromise would be used to establish a bridgehead for lateral movement deeper inside the network. Some better news There’s an important qualification: any attacker exploiting the flaw would need to initiate…
Recent Posts
- Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
- How to reduce cyber risk during employee onboarding
- Germany seizes 47 crypto exchanges used by ransomware gangs
- Police dismantles phone unlocking ring linked to 483,000 victims
- Ahead Adds Former Google Cloud VP To Board To ‘Fuel’ AI, Hybrid Cloud