Slashdot Mirror


Hardcoded Password Found in Cisco Enterprise Software, Again (bleepingcomputer.com)

Catalin Cimpanu, writing for BleepingComputer: Cisco released 16 security advisories yesterday, including alerts for three vulnerabilities rated "Critical" and which received a maximum of 10 out of 10 on the CVSSv3 severity score. The three vulnerabilities include a backdoor account and two bypasses of the authentication system for Cisco Digital Network Architecture (DNA) Center. The Cisco DNA Center is a piece of software that's aimed at enterprise clients and which provides a central system for designing and deploying device configurations (aka provisioning) across a large network. This is, arguably, a pretty complex piece of software, and according to Cisco, a recent internal audit has yielded some pretty bad results.

2 of 70 comments (clear)

  1. Who the Fuck is Writing the Shit? by sycodon · · Score: 3, Funny

    Are they using overseas programmers?

    Is this another success of outsourcing?

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  2. Re:Irrefutable facts. by scdeimos · · Score: 4, Funny

    Either they are effectively completely incompetent or they're effectively completely malicious.

    We're talking about Cisco here. What makes you think it's an either/or choice?