PT-2018-1334 · Linux Foundation+1 · Kubernetes+1

Published: 2018-05-16 · Updated: 2019-10-09 · CVE-2018-0268

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Digital Network Architecture (DNA) Center versions 1.1.3 and prior

Description

A vulnerability in the container management subsystem of Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and gain elevated privileges. This issue is due to an insecure default configuration of the Kubernetes container management subsystem within DNA Center. An attacker who has access to the Kubernetes service port could execute commands with elevated privileges within provisioned containers, potentially resulting in a complete compromise of affected containers.

Recommendations

For versions 1.1.3 and prior, update to a version later than 1.1.3 to resolve the issue. As a temporary workaround, consider restricting access to the Kubernetes service port to minimize the risk of exploitation. Additionally, review and secure the default configuration of the Kubernetes container management subsystem to prevent unauthorized access.

Fix

Weakness Enumeration

Improperly Implemented Security Check for Standard

Related Identifiers

BDU:2018-00832
CVE-2018-0268

Affected Products

Cisco Digital Network Architecture (DNA) Center
Kubernetes