Cisco, a networking major is under the spotlight of the IT Ministry. CERT-In (Indian Computer Emergency Response Team), a cyber agency under the IT Ministry, on Wednesday, warned about the vulnerabilities found on the Cisco products which can help hackers gain access to crucial data and infiltrate computer systems for stealing data. As per an IANS report, the major vulnerabilities have been discovered in the Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and Cisco Enterprise Chat and Email (ECE). The vulnerabilities give the hackers an opportunity to execute arbitrary code, conduct a cross-site scripting (XSS) attack and gain access to the sensitive information from the targeted system. CERT-In said that the Information Disclosure Vulnerability exists because of the lack of proper input sanitisation while querying the external authentication server.
CERT-In Had Alerted Enterprises About the Vulnerabilities in Cisco Products
The networking major has a lot of enterprise clients. Enterprises own and store a lot of crucial information with them. Because of the vulnerabilities found in Cisco’s products, the data and sensitive information of all the enterprise clients of Cisco is in danger. On June 20, 2022, CERT-In alerted the enterprises about three major vulnerabilities that were found in the Cisco products. There were vulnerabilities found in products such as routers and email/web manager which can enable the attacker or the hacker to gain access to sensitive information from the system. An official statement on the matter has not come from Cisco yet. There have been multiple bugs found in the products of Cisco and the company needs to address the issue asap to win back the customer confidence. Cisco has enterprise clients globally and is one of the renowned networking solutions companies. Cisco has also been a major contributor to the global telecom as well as the Indian market over the years. Hopefully, the vulnerabilities are fixed soon.