TTCSIRT-346.08.28.20: TT-CSIRT ADVISORY – Cisco Critical Flaw Patched in WAN Software Solution
Cisco has issued a fix for a critical flaw in its Virtual Wide Area Application Services (vWAAS), software for optimizing WAN on virtual private cloud infrastructure.
The flaw (CVE-2020-3446), which has a critical-severity CVSS score of 9.8 out of 10, exists because user accounts for accessing the software contain default passwords.
That means an attacker could log in, via a default password, and thus potentially obtain administrator privileges.
For further information and support, please visit the following link:
If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT via firstname.lastname@example.org