Cisco Issues Critical Fixes for High-End Nexus Gear

Cisco Systems released six security patches tied to its high-end 9000 series networking gear ranging in importance from critical, high and medium severity.

The most serious of the bugs patched by Cisco (rated 9.1 out of 10) could allow a remote and unauthenticated adversary to read or write arbitrary files on to an application protocol interface used in Cisco 9000 series switches designed to manage its software-defined networking data center solution.

This critical vulnerability, tracked as CVE-2021-1577, impacts Cisco Application Policy Infrastructure Controller (APIC) and Cisco Cloud Application Policy Infrastructure Controller (Cloud APIC). APIC is the main architectural component of the Cisco Application Centric Infrastructure, which runs on Cisco Nexus 9000 Series node.

Read more…
Source: Threatpost