Date: 2023-07-07

According to the latest reports, Cisco recently warned customers of a high-severity vulnerability affecting some data center switch models. The bug allows attackers to tamper with encrypted traffic.

Cisco Warns Of A High Severity Bug Breaking Traffic Encryption

The bug is tracked as CVE-2023-20185. The flaw was found during internal security testing in the ACI Multi-Site CloudSec encryption feature of data center Cisco Nexus 9000 Series Fabric Switches. The vulnerability only affects Cisco Nexus 9332C, 9364C, and 9500 spine switches when they are in ACI mode. Moreover, these switches must be part of a Multi-Site topology, have the CloudSec encryption feature enabled, and be running firmware 14.0 or a later release. The company stated:

“This vulnerability is due to an issue with the implementation of the ciphers that are used by the CloudSec encryption feature on affected switches”

To find out whether CloudSec encryption is being used across an ACI site, go to Infrastructure > Site Connectivity > Configure > Sites > site-name > Inter-Site Connectivity on the Cisco Nexus Dashboard Orchestrator and check whether “CloudSec Encryption” is “Enabled.”

To check whether CloudSec encryption is enabled on a Cisco Nexus 9000 Series switch, run the show cloudsec sa interface all command on the switch command line. Cisco has been warning of critical switch bugs with public exploit code for a long time, so be careful about these switch bugs.
