In precept, an attacker may use this entry to steal licenses, or intervene with or revoke licensed options. Nevertheless, it’s extra possible {that a} compromise can be used to ascertain a bridgehead for lateral motion deeper contained in the community.
Some higher information
There’s an necessary qualification: any attacker exploiting the flaw would wish to provoke a password change to realize entry. Given how central licensing is to day-to-day community administration, a corporation’s admins would certainly discover this in a short time. Equally, nevertheless, regaining management of a hijacked server wouldn’t be fast or straightforward.
Cisco stated that, thus far, its product safety incident response group (PSIRT) will not be conscious of any malicious exploits focusing on the vulnerability, which signifies that the problem has hopefully been contained.
