Wilford  Pagac

Wilford Pagac

1596877200

Critical Cisco Flaw Fixed in Data Center Network Manager

The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.

Cisco is warning of several critical and high-severity flaws in its Data Center Network Manager (DCNM) for managing network platforms and switches.

DCNM is a platform for managing Cisco data centers that run Cisco’s NX-OS — the network operating system used by Cisco’s Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches. The flaws exist in the REST API of DCNM — and the most serious of these could allow an unauthenticated, remote attacker to bypass authentication, and ultimately execute arbitrary actions with administrative privileges on a vulnerable device.

The critical flaw (CVE-2020-3382), which was found during internal security testing, rates 9.8 out of 10 on the CVSS scale, making it critical in severity. While the flaw is serious, the Cisco Product Security Incident Response Team said it is not aware of any public announcements or malicious exploits of the vulnerability.

“The vulnerability exists because different installations share a static encryption key,” said Cisco, in a security update on Wednesday. “An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges.”

This vulnerability affects all deployment modes of all Cisco DCNM appliances that were installed using .ova or .iso installers, and affects Cisco DCNM software releases 11.0(1), 11.1(1), 11.2(1), and 11.3(1).

“Cisco has confirmed that this vulnerability does not affect Cisco DCNM instances that were installed on customer-provided operating systems using the DCNM installer for Windows or Linux,” said Cisco. “Cisco has also confirmed that this vulnerability does not affect Cisco DCNM software releases 7.x and 10.x.”

Cisco has released software updates that address the vulnerability, though there are no workarounds that address the flaw.

Cisco also patched five high-severity flaws in DCNM, including two command-injection flaws (CVE-2020-3377 and CVE-2020-3384 ) that could allow an authenticated, remote attacker to inject arbitrary commands on affected devices; a path traversal issue (CVE-2020-3383) that could enable an authenticated, remote attacker to conduct directory traversal attacks on vulnerable devices; an improper authorization flaw (CVE-2020-3386), allowing an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device; and an authentication bypass glitch (CVE-2020-3376) allowing an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device.

DCNM came in the spotlight earlier this year when three critical vulnerabilities (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) were discovered in the tool in January. Two critical flaws were also found last year in DCNM, which could allow attackers to take control of impacted systems.

Cisco on Wednesday also patched a critical vulnerability (CVE-2020-3374) in the web-based management interface of its SD-WAN vManage Network Management system (the centralized management platform). This flaw could allow a remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system – but the attacker would need to be authenticated to exploit the flaw.

#vulnerabilities #web security #cisco #critical cisco flaw #cve-2020-3382 #data center network manager #dcnm #fix #patch #rest api #security #vulnerability

What is GEEK

Buddha Community

Critical Cisco Flaw Fixed in Data Center Network Manager
Wilford  Pagac

Wilford Pagac

1596877200

Critical Cisco Flaw Fixed in Data Center Network Manager

The flaw could allow a remote, unauthenticated attacker to bypass authentication on vulnerable devices.

Cisco is warning of several critical and high-severity flaws in its Data Center Network Manager (DCNM) for managing network platforms and switches.

DCNM is a platform for managing Cisco data centers that run Cisco’s NX-OS — the network operating system used by Cisco’s Nexus-series Ethernet switches and MDS-series Fibre Channel storage area network switches. The flaws exist in the REST API of DCNM — and the most serious of these could allow an unauthenticated, remote attacker to bypass authentication, and ultimately execute arbitrary actions with administrative privileges on a vulnerable device.

The critical flaw (CVE-2020-3382), which was found during internal security testing, rates 9.8 out of 10 on the CVSS scale, making it critical in severity. While the flaw is serious, the Cisco Product Security Incident Response Team said it is not aware of any public announcements or malicious exploits of the vulnerability.

“The vulnerability exists because different installations share a static encryption key,” said Cisco, in a security update on Wednesday. “An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges.”

This vulnerability affects all deployment modes of all Cisco DCNM appliances that were installed using .ova or .iso installers, and affects Cisco DCNM software releases 11.0(1), 11.1(1), 11.2(1), and 11.3(1).

“Cisco has confirmed that this vulnerability does not affect Cisco DCNM instances that were installed on customer-provided operating systems using the DCNM installer for Windows or Linux,” said Cisco. “Cisco has also confirmed that this vulnerability does not affect Cisco DCNM software releases 7.x and 10.x.”

Cisco has released software updates that address the vulnerability, though there are no workarounds that address the flaw.

Cisco also patched five high-severity flaws in DCNM, including two command-injection flaws (CVE-2020-3377 and CVE-2020-3384 ) that could allow an authenticated, remote attacker to inject arbitrary commands on affected devices; a path traversal issue (CVE-2020-3383) that could enable an authenticated, remote attacker to conduct directory traversal attacks on vulnerable devices; an improper authorization flaw (CVE-2020-3386), allowing an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device; and an authentication bypass glitch (CVE-2020-3376) allowing an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device.

DCNM came in the spotlight earlier this year when three critical vulnerabilities (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) were discovered in the tool in January. Two critical flaws were also found last year in DCNM, which could allow attackers to take control of impacted systems.

Cisco on Wednesday also patched a critical vulnerability (CVE-2020-3374) in the web-based management interface of its SD-WAN vManage Network Management system (the centralized management platform). This flaw could allow a remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system – but the attacker would need to be authenticated to exploit the flaw.

#vulnerabilities #web security #cisco #critical cisco flaw #cve-2020-3382 #data center network manager #dcnm #fix #patch #rest api #security #vulnerability

Siphiwe  Nair

Siphiwe Nair

1620466520

Your Data Architecture: Simple Best Practices for Your Data Strategy

If you accumulate data on which you base your decision-making as an organization, you should probably think about your data architecture and possible best practices.

If you accumulate data on which you base your decision-making as an organization, you most probably need to think about your data architecture and consider possible best practices. Gaining a competitive edge, remaining customer-centric to the greatest extent possible, and streamlining processes to get on-the-button outcomes can all be traced back to an organization’s capacity to build a future-ready data architecture.

In what follows, we offer a short overview of the overarching capabilities of data architecture. These include user-centricity, elasticity, robustness, and the capacity to ensure the seamless flow of data at all times. Added to these are automation enablement, plus security and data governance considerations. These points from our checklist for what we perceive to be an anticipatory analytics ecosystem.

#big data #data science #big data analytics #data analysis #data architecture #data transformation #data platform #data strategy #cloud data platform #data acquisition

Ian  Robinson

Ian Robinson

1624399200

Top 10 Big Data Tools for Data Management and Analytics

Introduction to Big Data

What exactly is Big Data? Big Data is nothing but large and complex data sets, which can be both structured and unstructured. Its concept encompasses the infrastructures, technologies, and Big Data Tools created to manage this large amount of information.

To fulfill the need to achieve high-performance, Big Data Analytics tools play a vital role. Further, various Big Data tools and frameworks are responsible for retrieving meaningful information from a huge set of data.

List of Big Data Tools & Frameworks

The most important as well as popular Big Data Analytics Open Source Tools which are used in 2020 are as follows:

  1. Big Data Framework
  2. Data Storage Tools
  3. Data Visualization Tools
  4. Big Data Processing Tools
  5. Data Preprocessing Tools
  6. Data Wrangling Tools
  7. Big Data Testing Tools
  8. Data Governance Tools
  9. Security Management Tools
  10. Real-Time Data Streaming Tools

#big data engineering #top 10 big data tools for data management and analytics #big data tools for data management and analytics #tools for data management #analytics #top big data tools for data management and analytics

Gerhard  Brink

Gerhard Brink

1620629020

Getting Started With Data Lakes

Frameworks for Efficient Enterprise Analytics

The opportunities big data offers also come with very real challenges that many organizations are facing today. Often, it’s finding the most cost-effective, scalable way to store and process boundless volumes of data in multiple formats that come from a growing number of sources. Then organizations need the analytical capabilities and flexibility to turn this data into insights that can meet their specific business objectives.

This Refcard dives into how a data lake helps tackle these challenges at both ends — from its enhanced architecture that’s designed for efficient data ingestion, storage, and management to its advanced analytics functionality and performance flexibility. You’ll also explore key benefits and common use cases.

Introduction

As technology continues to evolve with new data sources, such as IoT sensors and social media churning out large volumes of data, there has never been a better time to discuss the possibilities and challenges of managing such data for varying analytical insights. In this Refcard, we dig deep into how data lakes solve the problem of storing and processing enormous amounts of data. While doing so, we also explore the benefits of data lakes, their use cases, and how they differ from data warehouses (DWHs).


This is a preview of the Getting Started With Data Lakes Refcard. To read the entire Refcard, please download the PDF from the link above.

#big data #data analytics #data analysis #business analytics #data warehouse #data storage #data lake #data lake architecture #data lake governance #data lake management

Enterprise Data Management: Stick to the Basics

Lots of people have increasing volumes of data and are trying to run data management programs to better sort it. Interestingly, people’s problems are pretty much the same throughout different sectors of any industry, and data management helps them configure solutions.

The fundamentals of enterprise data management (EDM), which one uses to tackle these kinds of initiatives, are the same whether one is in the health sector, a telco travel company, or a government agency, and more! Therefore, the fundamental practices that one needs to follow to manage data are similar from one industry to another.

For example, suppose you’re about to set off and design a program. In this case, it may be your integration platform project or your big warehouse project; however, the principles for designing that program of work is pretty much the same regardless of the actual details of the project.

#big data #bigdata #big data analytics #data management #data modeling #data governance #enterprise data #enterprise data management #edm