Cisco security advisory – Multiple Vulnerabilities in Cisco UCS Director and Cisco UCS Director Express for Big Data (17-Apr-2020)

Preface: The protocols and the interfaces used by the controller to communicate with the application layer are called the Northbound interface. Protocols used for communication between the controller and forwarding nodes are called Southbound interface. Northbound communication is used to retrieve info or send instructions to the controller using APIs.

Vulnerability details: Multiple vulnerabilities in the REST API of Cisco UCS Director and Cisco UCS Director Express for Big Data may allow a remote attacker to bypass authentication or conduct directory traversal attacks on an affected device. For details, please refer official announcement –

Other potential impact: The application entry point to the SDN deployment is through the controller via the Northbound Interface (NBI). If the communication is done using REST APIs with lacking proper protection, PUT method can be used to alter configurations or add malicious files that can alter other devices.These attacks are related to the communication over whether the Northbound Interface (NBI) or Southbound Interface (SBI). Some attacks are related to software. For details, please refer to the attached drawings.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.