On October 18, 2017, Cisco Meraki corrected a technical error in the Meraki dashboard that made sensitive administrator authentication information available to other trusted dashboard users within the same organization. The issue allowed trusted users, with varying levels of permission, to view and access the API key and encrypted (BCrypt hashed and salted) passwords for their organization’s primary administrator.
For more information on this issue and how Meraki has resolved this vulnerability, please refer to this article.
Cameron Moody | Product Manager, Cisco Meraki
