Cisco DNA Center Certificate Validation Vulnerability
CVE-2021-1134

7.4HIGH

Key Information:

Vendor: Cisco
Status: Cisco Digital Network Architecture Center (dna Center)
Vendor: CVE Published:; 29 June 2021

Badges

👾 Exploit Exists

Summary

A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when establishing a connection between DNA Center and an ISE server. An attacker could exploit this vulnerability by supplying a crafted certificate and could then intercept communications between the ISE and DNA Center. A successful exploit could allow the attacker to view and alter sensitive information that the ISE maintains about clients that are connected to the network.

Affected Version(s)

Cisco Digital Network Architecture Center (DNA Center)

References

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Jun 29, 2021
Vulnerability Reserved
Nov 13, 2020