In precept, an attacker might use this entry to steal licenses, or intrude with or revoke licensed options. Nevertheless, it’s extra doubtless {that a} compromise can be used to ascertain a bridgehead for lateral motion deeper contained in the community.
Some higher information
There’s an essential qualification: any attacker exploiting the flaw would wish to provoke a password change to achieve entry. Given how central licensing is to day-to-day community administration, a company’s admins would certainly discover this in a short time. Equally, nevertheless, regaining management of a hijacked server wouldn’t be fast or simple.
Cisco mentioned that, to this point, its product security incident response staff (PSIRT) is just not conscious of any malicious exploits concentrating on the vulnerability, which signifies that the difficulty has hopefully been contained.
