Cisco warns of critical vulnerability in Nexus 9000 switches

Cisco has issued a warning about a critical vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000 Series Fabric Switches in ACI mode that could allow an unauthenticated, remote attacker to read or modify intersite encrypted traffic.

Designated CVE-2023-20185, it affects Cisco Nexus 9000 Series Fabric Switches in ACI mode that are running releases 14.0 and later, if they are part of a Multi-Site topology and have the CloudSec encryption feature enabled.

Cisco says it has not yet released software updates to address the issue, and there are no workarounds to mitigate it. It said in its advisory, “Customers who are currently using the Cisco ACI Multi-Site CloudSec encryption feature for the Cisco Nexus 9332C and Nexus 9364C Switches and the Cisco Nexus N9K-X9736C-FX Line Card are advised to disable it and to contact their support organization to evaluate alternative options.”



Jim Love, Chief Content Officer, IT World Canada
