Cisco issues critical warning after CIA WikiLeaks dump bares IOS security weakness
Cisco says vulnerability in 300 models of Catalyst switches
http://www.networkworld.com/article/3182871/security/cisco-issues-critical-warning-after-cia-wikileaks-dump-bares-ios-security-weakness.html
By Michael Cooney
Online News Editor, Network World | MAR 20, 2017 9:07 AM PT
Credit: Ilya Pavlov/Unsplash
A vulnerability in Cisco’s widely deployed IOS software that was disclosed in the recent WikiLeaks dump of CIA exploits has triggered the company to release a critical warning for its Catalyst networking customers.
+More on Cisco Security on Network World: Cisco security advisory dump finds 20 warnings, 2 critical+
The vulnerability — which could let an attacker cause a reload of an affected device or remotely execute code and take over a device — impacts more than 300 models of Cisco Catalyst switches from the model 2350-48TD-S Switch to the Cisco SM-X Layer 2/3 EtherSwitch Service Module.
Specifically, the vulnerability is contained in the Cluster Management Protocol which uses Telnet as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors Cisco said:
……..
--------------------------------------
1. Tower Totals: 2xSSD ~512GB, 2xHHD 20 TB, Memory 32GB
SSDs: 6xOS Partitions, 2xW8.1 Main & Test, 2x10.0 Test, Pro, x64
CPU i7 2600 K, SandyBridge/CougarPoint, 4 cores, 8 Threads, 3.4 GHz
Graphics Radeon RX 580, RX 580 ONLY Over Clocked
More perishable
2xMonitors Asus DVI, Sony 55" UHD TV HDMI
1. NUC 5i7 2cores, 4 Thread, Memory 8GB, 3.1 GHz, M2SSD 140GB
1xOS W8.1 Pro, NAS Dependent, Same Sony above.
-----------------
