Cisco Nexus 1000V VSM to vCenter Communication Man-in-the-Middle Vulnerability

A vulnerability in the SSL implementation of the Cisco Nexus 1000V could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against Virtual Supervisor Module (VSM) to VMware vCenter communications.

The vulnerability is due to improper verification of SSL security certificates by the VSM. An attacker could exploit this vulnerability to eavesdrop on communications, and to inject modified or arbitrary data.

Cisco would like to thank Felix ‘FX’ Lindner, Recurity Labs GmbH, for reporting this issue to us.

Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.

To exploit this vulnerability, the attacker would likely need access to a trusted, internal network in which the targeted device may reside and have access to the communication path between the VSM and vCenter server. These access restrictions limits the possibility of a successful exploit.

Customers are advised to review the bug reports in the “Vendor Announcements” section for a current list of affected versions.