Cisco warns of NetFlow vulnerability

Cisco's IP traffic-collection software contains a vulnerability that can provide attackers with unauthorised access and grant them full administrative control to an operating system, the networking giant reported in an advisory.

Versions prior to 6.0 of Cisco's NetFlow Collection Engine have a flaw that creates default accounts containing identical usernames and passwords, allowing attackers to bypass security checks, according to a French Security Incident Response Team (FrSIRT) advisory issued Wednesday.

The team rated the bug as a "moderate risk," but it can be remotely exploited.

Upon installation of NetFlow Circulation Engine, default user credentials are created, according to an advisory from US-CERT, resulting in remote attackers with knowledge of the credentials being able to gain access to an affected system.

Cisco recommended upgrading to version 6.0, which is not a free download.

The NetFlow Collection Engine is used to collect and analyze IP traffic from devices, such as switches and routers, according to Cisco. The data helps administrators detect threats such as DoS attacks and worms.

Meta is sued by US Virgin Islands over ads for scams, dangers to children

Two US cyber experts plead guilty to cooperating with ALPHV Blackcat

Murray Irrigation landholder data accidentally leaked

Origin Energy puts $210m into spinout of Kraken from Octopus Energy

New York to require social media platforms to display mental health warnings

Cisco warns of NetFlow vulnerability

Cisco's IP traffic-collection software contains a vulnerability that can provide attackers with unauthorised access and grant them full administrative control to an operating system, the networking giant reported in an advisory.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

US bars approvals of new models of DJI, all other foreign drones

Greater Western Water's billing system data issues laid bare

Most popular tech stories

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

Zara turns to AI to generate fashion imagery

Cochlear pilots voice-to-text Salesforce integration for lead management

State of HR Tech 2025

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Home-grown Higgns to bring IoT to the world

Govt launches consumer tech label program for smart devices

Photos: The 2024 IoT Awards winners

Meta is sued by US Virgin Islands over ads for scams, dangers to children

Two US cyber experts plead guilty to cooperating with ALPHV Blackcat

Murray Irrigation landholder data accidentally leaked

Origin Energy puts $210m into spinout of Kraken from Octopus Energy

New York to require social media platforms to display mental health warnings

Cisco warns of NetFlow vulnerability

Cisco's IP traffic-collection software contains a vulnerability that can provide attackers with unauthorised access and grant them full administrative control to an operating system, the networking giant reported in an advisory.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

US bars approvals of new models of DJI, all other foreign drones

Greater Western Water's billing system data issues laid bare

Most popular tech stories

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

Zara turns to AI to generate fashion imagery

Cochlear pilots voice-to-text Salesforce integration for lead management

State of HR Tech 2025

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

'Touch-free' smartphone controlled with head movements

Home-grown Higgns to bring IoT to the world

Govt launches consumer tech label program for smart devices

Photos: The 2024 IoT Awards winners

Log In