Cisco has advised owners of Nexus switches to disable a feature called PowerOn Auto Provisioning (POAP) for security reasons. POAP is now enabled by default in NX-OS, the operating system on Nexus.
POAP is an automatic provisioning and zero-touch deployment feature that helps device owners with the initial deployment and configuration of Nexus switches. The function works by checking on a local configuration script. When the script is deleted, the switch is reset to factory defaults or it is the first time the device is turned on. The POAP daemon then connects to a preset list of servers to download an initial configuration file.
To achieve this, the switch must first obtain an IP address from a local DHCP server. The POAP configuration settings can also be transferred via the DHCP response. And that’s where Cisco says the problem lies, reports ZDNet. The company says that the POAP function on Nexus devices accepts the first DHCP response it receives.
An attacker on the local network can send rogue DHCP responses to the switches to take over their POAP settings and get switches to download and run configuration scripts from an attacker’s server. Hackers cannot take over devices directly from an exploit, but it can be useful for attackers who have already penetrated a system on an internal network and want to extend their access to other devices.
Disable function
Therefore, Cisco Nexus owners now recommend to disable the POAP feature when they are not using it. In addition, the company has rolled out NX-OS updates for all Nexus models, which include a new terminal command to disable the feature.
In addition, the company has issued patches for thirty vulnerabilities. Seven of these vulnerabilities allow attackers to execute code with root-level privileges. None of the vulnerabilities were abused in the wild by attackers, according to Cisco.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.