Cisco Integrated Management Controller SSH Denial of Service Vulnerability

A vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers could allow an unauthenticated, remote attacker to cause a denial of service condition.

The vulnerability is due to a failure to properly handle a crafted SSH packet. An attacker could exploit this vulnerability by sending a crafted packet to the SSH server running on the Cisco IMC of an affected device, which could result in the Cisco IMC becoming unresponsive. The operating system running on the blade will be unaffected.

Cisco has confirmed the vulnerability in a security advisory and released software updates.

To exploit this vulnerability, an attacker may need access to trusted, internal networks behind a firewall, to send crafted packets to the targeted device. This access requirement may reduce the likelihood of a successful exploit.

It is likely that recovering from a successful exploit would require a restart of the targeted device which would cause a temporary availability impact on other resources or traffic the device may provide to legitimate users. Cisco recommends utilizing an OS provided remote access method to properly shutdown the OS to prevent potential corruption of the OS before performing any recovery action if available.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.