Amongst Cisco’s dump of 27 security advisories today only one was rated as critical – a vulnerability in its Firepower firewall system that could let an attacker bypass authentication and execute arbitrary actions with administrative privileges on a particular device.
The Firepower Management Center (FMC) vulnerability – which was rated at 9.8 out of 10 – comes from improper handling of Lightweight Directory Access Protocol (LDAP) authentication responses from an external authentication server. With it, an attacker could exploit the vulnerability by sending crafted HTTP requests to an affected device and gain administrative access to its web-based management interface.
Microsoft’s monthly Patch Tuesday included a hefty haul of fixes: 49 total, and one of them is more than just critical. For enterprises running Windows Server 2016 and Server 2019, it's vital you implement the patch ASAP.
The National Security Agency (NSA) disclosed the Windows vulnerability on Tuesday, the same day the fix was issued. That means the NSA found the flaw likely months ago but held off on public notification until Microsoft could come up with a fix. It would be irresponsible for the NSA, or anyone else, to announce a vulnerability and not give the software maker time to patch it.
The vulnerability was spotted in "crypt32.dll," a Windows module that has been in both desktop and server versions since NT 4.0 more than 20 years ago. Microsoft describes the library as handling certificate and cryptographic messaging functions in the CryptoAPI.
Digital transformation has increased the importance of the network, particularly the edge, where customers, employees, cloud applications and IoT devices connect to the enterprise. The legacy static and non-differentiated network edge of years past is no longer sufficient for many reasons, so as companies embark on digital-transformation plans, their networks must evolve.
Networking pros should be looking at, among other things, improving security and embracing software-defined networking (SDN) that supports propagating changes quickly across the network in order to accommodate the many challenges digital transformation creates.
DCNM is a central management dashboard for data-center fabrics based on Cisco Nexus switches and handles a number of core duties such as automation, configuration control, flow policy management and real-time health details for fabric, devices, and network topology.