A high-severity vulnerability in the Cisco DNA Center could open enterprise users to remote attack and takeover. The flaw, tracked as CVE-2021-1257, exists in the web-based management interface of the DNA Center. The bug could allow an unauthenticated, remote attacker to conduct an attack to manipulate an authenticated user into executing malicious actions without their awareness or consent, according to Cisco s advisory. This is just the latest concerning security vulnerability for Cisco this year. Last week, it warned of multiple, critical vulnerabilities in its SD-WAN solutions and DNA Center, among others.
Source: https://threatpost.com/cisco-dna-center-bug-remote-attack/163302/