Cisco has released an urgent software update to fix a critical authentication bug. The bug, assigned CVE-2021-21-34746 with a CVSS score of 9.8, has been rated critical. The vulnerability affects the TACACS+ authentication, authorization and accounting feature of Cisco Enterprise NFV Infrastructure Software. Cisco says the vulnerability is due to incomplete validation of user-supplied input that is passed to an authentication script. A successful exploit could allow the attacker to bypass authentication and log in as an administrator.”]
Source: https://www.cuinfosecurity.com/cisco-patches-critical-authentication-bypass-bug-a-17459