Hardcoded admin passwords in Cisco DNA Center could put your enterprise network at risk

Cisco released a list of 16 security advisories on May 16, including three critical flaws in the Cisco Digital Network Architecture (DNA) Center that rated a 10/10 on the CVSS (Common Vulnerability Scoring System) scale.

The three critical flaws all give attackers elevated privileges that can compromise the entirety of the DNA Center but go about it in very different ways. One involves exploiting a hardcoded admin password, one attacks the Kubernetes port, and the third relies on a specially crafted URL not being normalized before DNA Center resolves a service request. Cisco has released an update to the DNA Center (v 1.1.3) that resolves all three security flaws.

Read more about the three critical flaws in Cisco DNA Center that could allow an attacker to seize complete administrative control on TechRepublic.

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief