[German]Several vulnerabilities (CVE-2021-1600, CVE-2021-1601) exist in IPv4 and IPv6 forwarding in the Cisco Intersight Virtual Appliance. These vulnerabilities could allow an unauthenticated, adjacent attacker to access sensitive internal services through an external interface. However, Cisco has since provided security updates to address these vulnerabilities.
I came across the issue via the following tweet from Catalin Cimpanu and am including it here on the blog in case you are not already aware of it.
The vendor reveals details in the Cisco Intersight Virtual Appliance IPv4 and IPv6 Forwarding Vulnerabilities security advisory dated July 21, 2021. These vulnerabilities are due to insufficient constraints on IPv4 or IPv6 packets received on the external management interface. An attacker could exploit these vulnerabilities by sending certain traffic to this interface on an affected device. Successful exploitation could allow the attacker to access sensitive internal services and make configuration changes on the affected device.
- The vulnerability with Cisco bug ID CSCvx84462 affects Cisco Intersight Virtual Appliance releases prior to the first fixed release for IPv4 traffic.
- The vulnerability with Cisco bug ID CSCvy29625 affects Cisco Intersight Virtual Appliance releases 1.0.9-184 through the first fixed release for IPv6 traffic.
Note: These vulnerabilities do not affect customers using Cisco Intersight Services for Cloud.
To check the Cisco Intersight Virtual Appliance version, click the gear icon in the upper-right corner of the web UI and then select Settings > Software. The web UI displays the version number. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
