Cisco DNA Center Software API Vulnerabilities
Description
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple API vulnerabilities in Cisco DNA Center Software allow authenticated remote attackers to read data, enumerate users, or execute commands as root.
Vulnerability
Multiple vulnerabilities exist in the API of Cisco DNA Center Software, allowing an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. These vulnerabilities are due to insufficient validation of user-supplied input in API requests. Affected versions include Cisco DNA Center Software releases prior to the fixed versions specified in the advisory [1].
Exploitation
An attacker must have valid authentication credentials to the Cisco DNA Center API. Exploitation does not require additional privileges beyond those of an authenticated user. By sending specially crafted API requests, the attacker can trigger the vulnerabilities. The vulnerabilities are not interdependent; exploitation of one does not require another [1].
Impact
Successful exploitation can lead to different outcomes depending on the vulnerability exploited. An attacker can read sensitive information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. This could result in full compromise of the affected system [1].
Mitigation
Cisco has released software updates that address these vulnerabilities. The fixed versions are detailed in the Cisco Security Advisory [1]. There are no workarounds that address these vulnerabilities. Users should upgrade to the appropriate fixed release as soon as possible.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2
- Range: n/a
Patches
0
No patches discovered yet.
References
1
News mentions
0
No linked articles in our index yet.