Mobile spyware fan Saudi Crown Prince accused by US intel of Khashoggi death theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.
minute read
Share this article:
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
A critical vulnerability in Cisco Systems’ intersite policy manager software could allow a remote attacker to bypass authentication.
The vulnerability is one of three critical flaws fixed by Cisco on this week. It exists in Cisco’s ACI Multi-Site Orchestrator (ACI MSO) this is Cisco’s management software for businesses, which allows them to monitor the health of all interconnected policy-management sites.
The flaw stems from improper token validation on an API endpoint in Cisco’s ACI MSO.
Cisco fixes maximum severity MSO auth bypass vulnerability
By
04:03 PM
Cisco has addressed a maximum severity authentication bypass vulnerability found in the API endpoint of the Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine.
Cisco ACI MSO is an intersite network and policy orchestration solution that helps admins monitor the health of their organizations interconnected sites across multiple data centers.
Impacts only MSO 3.0 releases A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected device, Cisco explained.