Cisco Removes Backdoor Account, Fourth Incident in the Last Four Months

For the fourth time this year, Cisco has removed hardcoded credentials that were left inside one of its products, which an attacker could have exploited to gain access to devices and inherently to customer networks. From a report: This time around, the hardcoded password was found in Cisco's Wide Area Application Services (WAAS), which is a software package that runs on Cisco hardware that can optimize WAN traffic management. This backdoor mechanism (CVE-2018-0329) was in the form of a hardcoded, read-only SNMP community string in the configuration file of the SNMP daemon. SNMP stands for Simple Network Management Protocol, an Internet protocol for collecting data about and from remote devices. The community string was there so SNMP servers knowing the string's value could connect to the remote Cisco device and gather statistics and system information about it.

This sort of thing really gets the wrong spin

[shaitand]

Is it good that there were backdoors in the products? Of course not. But a rash of these sort of incidents being reported in a short time isn't a bad thing, it means someone is reviewing, cleaning house, and being transparent about it which is actually a good sign going forward. This kind of thing isn't a reason to dump a company or service it's more like six months ago you should have dumped them and didn't know it but now they are actually stepping up and whoever you switch to might be hiding all kinds of skeletons.