Cisco warns of sensor flaw

Cisco warns of sensor flaw

Cisco Systems has warned of a security flaw affecting two of its widely used security systems.

The flaw, involving Secure Sockets Layer (SSL), affects CiscoWorks Management Center for IDS Sensors, known as IDSMC, and a related product, Monitoring Center for Security, also called Security Monitor or Secmon.

In an advisory, Cisco said an attacker could use the bug to pretend to be a legitimate Cisco Intrusion Detection Sensor (IDS) or Intrusion Prevention System (IPS). That could allow the attacker to collect login credentials, submit false data to IDSMC and Secmon or filter what data the two products see. Filtering could be used, for instance, to keep the security products from detecting an attack.

IDSMC provides configuration and signature management for IDS and IPS systems. Secmon provides event collection, viewing and reporting functions for Cisco network devices. The affected versions included IDSMC versions 2.0 and 2.1 and Secmon versions 1.1 to 2.0 and version 2.1, Cisco said.

It wasn't aware of any exploit code currently circulating for the vulnerability. The bug is only exploitable locally, limiting their impact, according to security researchers.

Separately, Cisco warned of a bug in its Intrusion Prevention System (IPS) that could allow a local user to gain full administrator privileges.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments