Smile On Fridays secured coverage on SC Magazine for Tenable
Cisco has released updates to its networking equipment operating system NX-OS after security researchers found three critical authentication bypass vulnerabilities. The flaws could enable an unauthenticated, remote attacker to bypass endpoint authentication and execute arbitrary actions with administrative privileges on particular devices, read a blog post by Tenable. NX-OS is Cisco’s operating system for its Ethernet switches and MDS-series Fibre Channel storage area network switches. Researchers said that of the 12 vulnerabilities patched by Cisco, the most severe include a trio of critical authentication bypass flaws, two of which reside in DCNM API endpoints. These three bugs received a vulnerability score of 9.8 severity.