Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability - 20230710002

Overview

Cisco has released security advisories to address a vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode. The vulnerability could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic.

What is the vulnerability?

This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches.

  • CVSS Base Score: 7.4

What is vulnerable?

This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI mode that are running releases 14.0 and later if they are part of a Multi-Site topology and have the CloudSec encryption feature enabled.

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

Cisco will not release software updates to address this vulnerability, and there are no workarounds. The vendor has advised customers to disable this feature and to contact their support organization to evaluate alternative options, such as performing encryption on the underlying site-to-site connections.