Earlier this week, Cisco published 16 security advisories on its website (link at bottom of page) for its product line. Three of those advisories include vulnerabilities classified as ‘Critical’: CVE-2018-0222, CVE-2018-0268, and CVE-2018,0271.

Of the three, CVE-2018-0222 stands out in particular as it involves hardcoded administrator credentials for Cisco’s Digital Network Architecture (DNA) Center. Cisco notes in the advisory why this matters to users.

“[This] vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials.”

In the advisory, the actual credentials are not listed.

Instances of the Cisco DNA Center prior to version 1.1.3 are affected. To identify if your Cisco DNA Center is affected, the company suggests the following for administrators:

1. By using a compatible, HTTPS-enabled browser, log in to the Cisco DNA Center GUI via HTTPS.
2. On the DNA Center home page, click the settings (gear) icon, and then click About DNA Center.

The System version field indicates which release is currently running on the system.

At the time of this posting, Cisco has not released any workarounds. For now, users can download and install a free patch offered by Cisco to remove the account.

If you have any questions as to how this vulnerability or others listed on Cisco’s Security Advisories page could impact your operations, contact us by email at contact@layer8security.com, or by phone at (610) 766-7312.

 

Related Links:

Cisco Security Advisories – https://tools.cisco.com/security/center/mpublicationListingDetails.x?docType=CiscoSecurityAdvisory

Cisco Digital Network Architecture Center Static Credentials Vulnerability (CVE-2018-0222) – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180516-dnac

BACK TO BLOGS