Security Vulnerability In Cisco Devices, Reports Dimension Data

Cisco enterprise network equipments are plagued with vulnerabilities that were patched by the company ages ago, a new study has found.

According to the 2011 Network Barometer Report released by Dimension Data, several companies that are using Cisco networking equipment are infected with a single security vulnerability that was patched by Cisco two years ago.

The report also revealed that 73 percent of the companies were having atleast one security vulnerability that was known and was yet to be patched.

The vulnerability labelled as Cisco PSIRT 109444 was discovered on 66 percent of the systems. The vulnerability has been given a severity rating of 6.4 and 7.8 out of 10 by the Common Vulnerability Scoring System and is capable of allowing a hacker to mount DDoS attacks on the network.

"To a hacker, a security vulnerability is equivalent to leaving one's front door unlocked," said Neil Campbell, Dimension Data's global security manager.

"And attempting to exploit vulnerabilities is usually the first port of call when initiating an attack. That's because it may provide the hacker with full access to the device, which he could use as a launch pad to initiate further attacks internally."