Fonte: https://gbhackers.com/cisco-switches/
Vulnerability Description in Cisco Switches
O que causa? Controle total do elemento.
Verificarse esta habilitado:
#sh vstack config
desabilitar
# conf t
#no vstack
Affected Cisco Switches
- Catalyst 4500 Supervisor Engines
- Catalyst 3850 Series
- Catalyst 3750 Series
- Catalyst 3650 Series
- Catalyst 3560 Series
- Catalyst 2960 Series
- Catalyst 2975 Series
- IE 2000
- IE 3000
- IE 3010
- IE 4000
- IE 4010
- IE 5000
- SM-ES2 SKUs
- SM-ES3 SKUs
- NME-16ES-1G-P
- SM-X-ES3 SKUs
This Flaw has been fixed by Cisco and released the patch CVE : CVE-2018-0171
Vídeo exemplo da invasão