An unauthenticated RCE flaw was discovered in Cisco Nexus Dashboard Fabric Controller by exploiting an obsolete Java library with known vulnerabilities.
The researcher, Pedro Ribeiro, was able to put together a damaging exploit against the enterprise-grade network and storage management technology by chaining together a combination of vulnerabilities in the system. The exploit chain allowed to escalate a web-based flaw to achieve a root shell, or complete compromise.
The security researcher reported the issue to Cisco through Trend Micro’s Zero Day Initiative around six months ago. Cisco was somewhat slow to respond but did release a software update last month that addressed the issue
Cisco released a software update earlier last month for Cisco Data Center Network Manager that includes a fix for the third-party software (TPS) vulnerability in Apache Flex Blaze DS that is identified by CVE-2017-5641 and tracked with Bug ID CSCvz62623 and asks customers of this product to upgrade to software version 11.5(4).
The release of an update to Cisco Nexus Dashboard Fabric Controller cleared the way for researcher to go public with details of the vulnerability and proof-of-concept exploit code with a technical blog post, published on GitHub last week.
The same technology was previously known as Cisco Data Center Network Manager (DCNM). In its previous guise, Ribeiro found another (similarly) critical RCE vulnerability three years ago.