Vulnerability in Cisco Smart Software Manager lets attackers change any user password
Enlarge Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, including those of administrators with accounts, on Cisco Smart Software Manager On-Prem devices. The Cisco Smart Software Manager On-Prem resides inside the customer premises and provides a dashboard for managing licenses for all Cisco gear in use. It’s used by customers who can’t or don’t want to manage licenses in the cloud, as is more common. In a bulletin, Cisco warns that the product contains a vulnerability that allows hackers to change any account's password. The severity [...]