Hardcoded Password Found in Cisco Enterprise Software, Again

Catalin Cimpanu, writing for BleepingComputer: Cisco released 16 security advisories yesterday, including alerts for three vulnerabilities rated "Critical" and which received a maximum of 10 out of 10 on the CVSSv3 severity score. The three vulnerabilities include a backdoor account and two bypasses of the authentication system for Cisco Digital Network Architecture (DNA) Center. The Cisco DNA Center is a piece of software that's aimed at enterprise clients and which provides a central system for designing and deploying device configurations (aka provisioning) across a large network. This is, arguably, a pretty complex piece of software, and according to Cisco, a recent internal audit has yielded some pretty bad results.

Who the Fuck is Writing the Shit?

[sycodon]

Are they using overseas programmers?

Is this another success of outsourcing?

Re: Who the Fuck is Writing the Shit?

Are they using overseas programmers?

Is this another success of outsourcing?

Almost certainly. We all know overseas cheap programmers and H1-Bs provide the much needed skills America is so badly lacking /sarcasm

The only thing America is lacking is companies willing to pay market rates for talent without getting the government to artificially dilute the labor supply through unneeded immigration and tax breaks for outsourcing.

Re:Irrefutable facts.

[scdeimos]

Either they are effectively completely incompetent or they're effectively completely malicious.

We're talking about Cisco here. What makes you think it's an either/or choice?