Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability — CISCO-SA-ACI-CLOUDSEC-ENC-VS5WN2SX
Cisco · Cisco · CISCO-SA-ACI-CLOUDSEC-ENC-VS5WN2SX
ID
CISCO-SA-ACI-CLOUDSEC-ENC-VS5WN2SX
CISCO-SA-ACI-CLOUDSEC-ENC-VS5WN2SX
Datum
Activity
Quelle
Cisco
Cisco
Vendor
Cisco
Cisco
Risiko
high
high
Zusammenfassung
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic. This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches. An attacker with an on-path position between the…
Produkt
Cisco ACI Multi-Site CloudSec Encryption Information Disclosure
Was tun?
Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):
- Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
- Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
- Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
- Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.