US technology company Cisco recently issued a security alert warning its users of a flaw in some of its data center switching equipment. This vulnerability could allow hackers to read and modify encrypted traffic.
Cisco: Bug affects Nexus 9000 series switch models
Cisco performs regularly internal security tests. During one of these operations, the company’s researchers discovered a vulnerability classified as high-level. Tracks below CVE-2023-20185this bug was discovered in the Nexus 9000 series switches.
This vulnerability could allow attackers to compromise encryption. In other words, the failure of the Cisco equipment would allow him to do it Read and modify encrypted traffic, explains the company. It adds that the vulnerability affects the multi-site CloudSec encryption of the application-centric infrastructure (ACI).
Cisco had not released any software updates to fix the vulnerability and so far there is no workaround to fix this error. The supplier has pointed this out to their customers (those who use this). Cisco ACI Multi-Site CloudSec encryption capability for Nexus 9332C, Nexus 9364C Switches and Nexus N9K-X9736C-FX Linecard) of deactivate.
A problem with the encryption implementation
According to Cisco, the vulnerability was caused by a problem with the implementation of the ciphers used by the CloudSec encryption function on the affected switches.
The Cisco ACI Multi-Site CloudSec encryption feature of the Nexus 9000 series switches is in Application Centric Infrastructure (ACI) mode. This is typically used in data centers to control physical and virtual networks.
Cybersecurity experts are worried about a new vendor’s vulnerability. They expressed concern about this bug in Cisco switches and the lack of software updates to fix it. In the meantime, the US provider recommends its customers to contact their support organization to explore alternative opt-out options.