Cisco Warns Of Bug In NetFlow Monitoring Tool - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications

Cisco Warns Of Bug In NetFlow Monitoring Tool

When the tool is installed, it creates matching default username and passwords, enabling a remote hacker to gain access to the system.

Cisco released a security advisory on Thursday describing a vulnerability that affects various versions of its Cisco Network Services NetFlow monitoring tool.

Upon installation, default user credentials are created on the system, according to another advisory from the U.S.-CERT. A remote attacker with knowledge of these hard-coded credentials may be able to gain access to an affected system.

The bug affects NetFlow versions prior to 6.0.

The NetFlow Collection Engine is a monitoring tool that provides network management infrastructure metering for technologies like routers and switches. The collected data can be used to provide a network baseline that helps IT managers detect network irregularities like denial-of-service attacks, malware, and other malicious activity.

NetFlow runs on a Unix platform. When it's installed, it creates a default Web-based user account -- nfcuser -- which is required to perform application maintenance, configuration, and troubleshooting with a password of nfcuser, Cisco reported. In versions prior to 6.0, the installer also will create a local user -- which also is called nfcuser -- on the operating system with a default password also identical to the username. If the user already exists, the installer will change the password to be the same as the username.

Cisco recommends users upgrade to Version 6.0. It's not a free upgrade. The company also recommends in its advisory that users can manually change the password on the host operating system.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll