In 2020 Hard-coded usernames & passwords found in Cisco Virtual Wide Area Application Services (vWAAS). Patch now

Cloud security course specialists revealed the finding of a critical vulnerability in Virtual Wide Area Application Services (vWAAS), a virtual deployment for both enterprise and service provider, that accelerates commercial applications delivered from virtual and private private cloud infrastructure. According to the report, the successful exploitation of these flaws would allow threat actors to gain full control of the target system.

Below is a brief overview of the reported flaw, in addition to its identification key and score according to the Common Vulnerability Scoring System (CVSS).

CVE-2020–3446: The presence of hard-coded credentials in Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS) would allow unauthenticated remote malicious to access the affected system.

According to cloud security course experts, successful exploitation of this flaw could compromise the vulnerable system altogether.

Vulnerable Cisco Wide Area Application Services versions are: 6.0(1), 6.1(1), 6.2(1), 6.2(3), 6.2 (3a), 6.2(3b), 6.2(3c), 6.2(3e) 31, 6.2(3e) 40, 6.3(1), 6.4(1), 6.4(3d). This vulnerability affects Cisco ENCS 5400-W and CSP 5000-W series devices if you are running Cisco vWAAS with versions 6.4.5 or 6.4.3d of images packaged with NFVIS and earlier.

This is considered a critical vulnerability and received a CVSS score of 8.5/10.

While cloud security course specialists mention that the flaw can be exploited by remote threat actors over the Internet, attempts to exploit actively or any malware related to the attack have not yet been detected. Updates are ready, so administrators of affected deployments are encouraged to update as soon as possible.

Originally published at https://www.securitynewspaper.com on August 20, 2020.