The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks.
A cross-site request forgery (CSRF) vulnerability in the Cisco Digital Network Architecture (DNA) Center could open enterprise users to remote attack and takeover.
The flaw, tracked as CVE-2021-1257, exists in the web-based management interface of the Cisco DNA Center, which is a centralized network-management and orchestration platform for Cisco DNA. It carries a CVSS vulnerability-severity score of 7.1, making it high-severity.
Cisco DNA is the networking giant’s software-defined approach for aligning campus, branch, WAN and remote-worker elements of enterprise networks. The DNA Center allows admins to provision and configure all network devices, and it uses artificial intelligence (AI) and machine learning (ML) to proactively monitor, troubleshoot and optimize networks. It also integrates with third-party systems. In short, the DNA Center allows deep reach and visibility