It has been reported that Cisco is urging customers to install updates for a critical bug affecting its popular IOS XE operating system that powers millions of enterprise network devices around the world. The bug has a rare Common Vulnerability Scoring System (CVSS) version 3 rating of 10 out of a possible 10 and allows anyone on the internet to bypass the login for an IOS XE device without the correct password.
The critical authentication bypass flaw in Cisco IOS XE could be exploited by an unauthenticated, remote attacker sending specially crafted HTTP requests to a vulnerable device, resulting in the exposure of an authenticated users\’ token-id. While the flaw is critical, it\’s important to note there are a number of requirements for successful exploitation, including the device has both installed and enabled an affected version of the Cisco REST API virtual service container. In addition, a user must be logged into the device in order to obtain the token-id. Cisco has released iosxe-remote-mgmt.16.03.03.ova, a fixed version of the virtual service container, as well as implemented additional safeguards in updated IOS XE versions.