Cisco portal password security compromised
PrintPrecautionary reset fails to run smoothly
Posted in Data Networking, 3rd August 2005 15:37 GMT
Free whitepaper – Fundamental Principles of Air Conditioners for Information Technology
A security breach involving Cisco's customer portal has forced the giant to reset passwords as a precaution. As a result, users visiting Cisco Connection Online on Wednesday were obliged to reauthenticate themselves.
In a statement Cisco said: "It has been brought to our attention that there is an issue in a Cisco.com search tool that could expose passwords for registered users. As a result, to protect our users, we’re taking the proactive step of resetting Cisco.com passwords. Needless to say we’re investigating the incident which does not appear to be due to a weakness in our security products and technologies or with our network infrastructure."
Users are been advised to email an automated service to get their passwords reset but some Reg readers who notified us about the issue report snags in re-establishing a valid log-in. One network reseller, reports the fallout from the security breach is causing significant inconvenience.
"All CCO login ID's have had their passwords reset and email addresses etc. have been removed from the accounts. This means everyone with a Cisco login has to re-register. So now everyone who's had a CCO login should start changing all their passwords as whoever compromised Cisco's system could potentially have the password for corporate email systems, VPN's, home passwords etc," he said.
Another Reg reader adds that Cisco's own workers have also been put out. "The password database for this facility for all of Europe, including Cisco employees has been compromised. The net result is that no one across Europe certainly, is able to log in."
News of the security flap comes a week after Cisco controversially slapped a restraining order on a security researcher who gave a talk on security weaknesses with the networking giant's core IOS software at the Black Hat conference in Las Vegas. Michael Lynn quit his job at security tools vendor ISS in order to give a presentation about how it might be possible to remotely compromise Cisco routers and run malign code. Cisco said that Lynn had failed to follow approved industry practices in disclosing security vulnerabilities. It also took issue with Lynn's "irresponsible public disclosure of illegally obtained proprietary information".
Cisco's handling of the incident has irked segments of the digital underground though it would be speculative in the absence of any evidence beyond timing to suggest this had anything to do with Wednesday's portal password flap. ®
Bootnote
Thanks to all the Reg readers who alerted us to Cisco's little snafu.
Related stories
Exploit writers team up to target Cisco routers
Cisco details Black Hat vuln fix
Settlement reached in Cisco flaw dispute
Cisco, ISS file suit against rogue researcher
Free whitepaper – Deploying high-density zones in a low-density data center
Straight Talk with Dell: Sending out an SaaS
Analyst Keynote: The Register Agile Data Center Summit
Thermal design of the Dell PowerEdge T610, R610, and R710 servers
Seven ways to lower storage costs
Ensuring high service levels in cloud computing
Apple sues over knock-off power bricks
US Air Force orders 2200 Sony PS3s
Xiotech definitely not using SSDs in near future
HP takes one in the servers