Cisco is urging customers to install updates for a critical bug in its IOS XE operating system that has received the highest possible CVSSv3 rating of 10, meaning exploitation is trivial and can be performed remotely. The flaw, tracked as CVE-2019-12643, affects Cisco's REST application programming interface (API) virtual container for IOS XE and exists because of an improper check in the code that manages the API's authentication service. An attacker can exploit this vulnerability by submitting malicious HTTP requests to the targeted device and obtaining the token-id of an authenticated user. This token-id can then be used to bypass authentication and execute privileged actions through the interface of the REST API virtual service container on the affected Cisco IOS XE device.

CVE-2019-12643 affects Cisco 4000 Series Integrated Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, the Cisco Cloud Services Router 1000V Series, and the Cisco Integrated Services Virtual Router. Organisations that have installed and enabled the REST API interface on IOS XE devices are strongly encouraged to upgrade both the REST API virtual service container and IOS XE to mitigate potential attacks.
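Because the bug is only reachable where the REST API virtual service container is installed and activated, the first defensive step is to find which devices actually run it. The following script is an added example, not from the article or from Cisco: it parses constructed `show virtual-service detail` output (format approximated from IOS XE) and lists hosts whose REST API container is in the Activated state, which are the ones that need both the container and IOS XE upgraded. The container name `csr_mgmt` is an assumption used here to identify the REST API service.

```python
import re
from typing import Dict, List

# Constructed sample output from three devices (approximated IOS XE format;
# not taken from the article). "csr_mgmt" is the assumed REST API container.
SAMPLE_OUTPUTS = {
    "isr4451-edge": """Virtual service csr_mgmt detail
  State                 : Activated
  Owner                 : IOSd
  Package information
    Name                : iosxe-remote-mgmt.ova
""",
    "asr1001-core": """Virtual service csr_mgmt detail
  State                 : Deactivated
  Owner                 : IOSd
""",
    "csr1000v-lab": """Virtual service guestshell detail
  State                 : Activated
  Owner                 : IOSd
""",
}

REST_API_CONTAINERS = {"csr_mgmt"}  # assumed name; adjust for your platform

SERVICE_RE = re.compile(r"^Virtual service (\S+) detail\s*$")
STATE_RE = re.compile(r"^\s*State\s*:\s*(\S+)")


def parse_virtual_services(output: str) -> Dict[str, str]:
    """Map each virtual service name in the output to its reported State."""
    services: Dict[str, str] = {}
    current = None
    for line in output.splitlines():
        m = SERVICE_RE.match(line)
        if m:
            current = m.group(1)
            services[current] = "Unknown"
            continue
        m = STATE_RE.match(line)
        if m and current:
            services[current] = m.group(1)
    return services


def rest_api_enabled(output: str) -> bool:
    """True when a REST API container is installed and Activated."""
    return any(name in REST_API_CONTAINERS and state == "Activated"
               for name, state in parse_virtual_services(output).items())


def triage(outputs: Dict[str, str]) -> List[str]:
    """Hostnames whose REST API container is active and so need the
    container and IOS XE upgraded per Cisco's guidance."""
    return sorted(h for h, out in outputs.items() if rest_api_enabled(out))


if __name__ == "__main__":
    for host in triage(SAMPLE_OUTPUTS):
        print(f"{host}: REST API container Activated; upgrade container and IOS XE")
```

In practice the outputs would be collected from each router over the management channel rather than embedded as constants.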