vulnerability and found it during internal testing

 Cisco says it's not aware of any malicious use of the vulnerability and found it during internal testing. It's given the bug, tracked as CVE-2020-3363, a severity score of 8.6 out of 10. It also notes that the issue only affects IPV6 traffic, not IPv4 traffic.

Certain versions of Cisco's DNA Center network automation software are also vulnerable to a high-severity flaw that could let a remote attacker access sensitive information, including configuration files. It has a severity rating of 7.5. 

The software doesn't handle authentication tokens properly, according to Cisco. This allows an attacker to send a crafted HTTPS request to an affected device. The bug, tracked as CVE-2020-3411, affects all 1.3.x versions of DNA Center software releases prior to computer science degree jobs. This bug was also found in internal testing and Cisco is not aware of its use in malicious attacks.

Comments

Post a Comment

Popular posts from this blog

Collaborative and sociable endeavour

obstacles to becoming a professional programmer. For one, outside the industry, harmful stereotypes remain. Engineers are often seen as introverted, antisocial and (you guessed it) male. As a teenager who wasn’t any of those things, I was put off. And I know there are many others now who are just like I was then. So perhaps it’s not surprising that I didn’t want a job that, at first glance, appeared to isolate me from other people in some form of employed solitary confinement. So, it was with this thought in mind that I stepped away from engineering to instead embark on a career in marketing. Fortuitously my father happened to work in the same building as my new company, so before and after work I would spend time sitting in his office.  By observing him and his team, I quickly discovered that working in software development was not an isolating role, but rather a much more collaborative and sociable endeavour.  I  computer science vs computer engineering   then and there that I had to
Read more

Two founding signatories leave Architects Declare

 Over the past year, Zaha Hadid Architects and Foster + Partners, two of the 17 founding signatories of Architects Declare, have been criticised for working on aviation projects. Zaha Hadid Architects was criticised for designing Western Sydney International Airport, while Foster + Partners' decision to design an airport for a luxury resort in Saudi Arabia led Architects Climate Action Network, another group that advocates more radical climate action, to call on the studio to withdraw from the project or from Architects Declare. This division over working on airport projects led Foster + Partners to leave Architects Declare yesterday, with studio founder Norman Foster saying: "agriculture and aviation are not going to go away and they will both need the most sustainable buildings to serve them together with the architects who can most responsibly design them." Since its foundation, the UK branch of Architects Declare has gained over jobs with computer science degree whil
Read more

National Security Directive on the Telecommunication Sector

 While the whole move around NSDTS is country agnostic and is purportedly meant to tone up the security of digital networks in the country, the reference to China is definitely doing the rounds. The Cabinet Committee on Security headed by Prime Minister Narendra Modi gave its approval for a National Security Directive on the Telecommunication Sector (NSDTS) that will impact the digital and telecom ecosystem in the country. The NSDTS is aimed at preserving the integrity of the supply chain under which the government will declare a list of trusted sources and trusted products for installation in the country’s telecom networks.  There will also be a list of designated sources from where no procurement is to be made. The methodology to designate trusted products will be devised by the designated authority, the National Cyber Security Coordinator of India, and the list of the trusted source and product decided on the basis of approval by a committee headed by the Deputy National Security Ad
Read more