Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cisco Patches IDS Software, Sensors Against Spoofing

A vulnerability in Cisco's security monitors could let attackers spoof the network giant's intrusion detection software and sensors, gain access to legitimate log-in credentials, and submit fake data to, for instance, hide an ongoing attack, the company revealed Monday in multiple security advisories.

Patches for the flaws are available to Cisco customers.

A SSL certificate-checking bug in CiscoWorks Management Center for IDS Sensors (IDSMC) and Monitoring Center for Security (Secmon) could let an attacker spoof an IDS system and gain access to sensitive data, said Cisco. SSL certificates are used to secure and authenticate Cisco devices, such as intrusion detection and intrusion prevention sensors as they communicate with each other.

"If exploited, the attacker may be able to gather log-in credentials, submit false data to IDSMC and Secmon or filter legitimate data from IDSMC and Secmon, thus impacting the integrity of the device and the reporting capabilities of it," said Cisco in one advisory posted Monday.

Another vulnerability in Cisco's Intrusion Prevention System (IPS) could give a user with limited access privileges full control of a device instead, the San Jose, Calif.-developer and manufacturer said in a separate advisory.

  • 1