A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in Cisco Digital Network Architecture (DNA) Center, which could put enterprise users at risk of remote attacks and account takeovers.
The flaw, designated CVE-2021-1257, is present in the web-based management interface of Cisco DNA Center, a centralised network-management and orchestration platform for Cisco DNA. It carries a CVSS severity score of 7.1, rating it high-severity.
Versions prior to 22.214.171.124 are affected because the interface lacks CSRF protection. An attacker could use social engineering, such as a phishing email or chat message, to trick a user of the web-based management interface into following a specially crafted link. If the user follows the link, the attacker can perform arbitrary actions on the device with the privileges of that authenticated user.
CSRF attacks force an end user's browser to perform actions on a web application that the user did not intend. Because the forged request is made in the context of the user's existing authentication, the more permissions the user has, the more dangerous a CSRF is.
The CSRF flaw in Cisco DNA Center could allow an unauthenticated, remote attacker to seize control of an authenticated user's account.
The vulnerability was patched in Cisco DNA Center Software releases 126.96.36.199, 188.8.131.52, 184.108.40.206 and 220.127.116.11, as well as later versions. Anyone running a vulnerable software version is advised to update to the latest release as soon as possible.
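To make the "lack of CSRF protection" concrete, here is an added illustration (not code from the article or from Cisco) of the check a web management interface should apply to state-changing requests, shown beside the cookie-only acceptance that a vulnerable interface effectively performs. The origin, session id and request layout are assumed placeholders.

```python
import hmac
import secrets
from urllib.parse import urlparse

# Assumed placeholder for the management interface's own origin.
TRUSTED_ORIGIN = "https://dna-center.example.internal"
_csrf_tokens = {}  # session id -> per-session CSRF token (in-memory for the demo)

def issue_csrf_token(session_id):
    """Mint an unguessable token bound to the session; embed it in the UI's forms."""
    token = secrets.token_urlsafe(32)
    _csrf_tokens[session_id] = token
    return token

def vulnerable_is_allowed(request):
    """Cookie-only authorisation: any request carrying the session cookie is accepted,
    including one the browser sends on behalf of an attacker-controlled page."""
    return request["cookies"].get("session") in _csrf_tokens

def hardened_is_allowed(request):
    """Accept a state-changing request only if it is same-origin AND carries the
    per-session token, which a cross-site page can neither read nor forge."""
    if request["method"] in ("GET", "HEAD", "OPTIONS"):
        return True  # safe methods must not change state, so no token is needed
    expected = _csrf_tokens.get(request["cookies"].get("session"))
    if expected is None:
        return False  # no authenticated session at all
    # Browsers set Origin (or Referer) themselves; page content cannot spoof it.
    source = request["headers"].get("Origin") or request["headers"].get("Referer")
    if not source:
        return False
    parsed = urlparse(source)
    if f"{parsed.scheme}://{parsed.netloc}" != TRUSTED_ORIGIN:
        return False
    supplied = request["form"].get("csrf_token") or request["headers"].get("X-CSRF-Token")
    # Constant-time comparison avoids leaking the token through timing differences.
    return supplied is not None and hmac.compare_digest(supplied, expected)

def demo():
    """Constructed requests: one from the real UI, one triggered by a phishing page.
    The browser attaches the session cookie to both, which is the whole CSRF problem."""
    token = issue_csrf_token("sess-123")
    legit = {"method": "POST", "cookies": {"session": "sess-123"},
             "headers": {"Origin": TRUSTED_ORIGIN}, "form": {"csrf_token": token}}
    forged = {"method": "POST", "cookies": {"session": "sess-123"},
              "headers": {"Origin": "https://attacker.example"}, "form": {}}
    return {"vulnerable": (vulnerable_is_allowed(legit), vulnerable_is_allowed(forged)),
            "hardened": (hardened_is_allowed(legit), hardened_is_allowed(forged))}
```

The cookie-only check accepts both requests; the hardened check accepts only the one that originated from the interface's own pages.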
As of the time of this article, version 2.1.2.x is the latest version.
Source: Threat Post