Design/Logic Flaw

2019-05-0317:29:00

PRIOn knowledge base

www.prio-n.com

9.3 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.7%

JSON

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.

CPENameOperatorVersion
nexus_93108tc-ex_firmwareeq14.3.100
nexus_93120tx_firmwareeq14.3.100
nexus_93128tx_firmwareeq14.3.100
nexus_93180yc-ex_firmwareeq14.3.100
nexus_9332pq_firmwareeq14.3.100
nexus_9372px_firmwareeq14.3.100
nexus_9372tx_firmwareeq14.3.100
nexus_9396px_firmwareeq14.3.100
nexus_9396tx_firmwareeq14.3.100
nexus_9500_firmwareeq14.3.100

Name	Operator	Version
nexus_93108tc-ex_firmware	eq	14.3.100
nexus_93120tx_firmware	eq	14.3.100
nexus_93128tx_firmware	eq	14.3.100
nexus_93180yc-ex_firmware	eq	14.3.100
nexus_9332pq_firmware	eq	14.3.100
nexus_9372px_firmware	eq	14.3.100
nexus_9372tx_firmware	eq	14.3.100
nexus_9396px_firmware	eq	14.3.100
nexus_9396tx_firmware	eq	14.3.100
nexus_9500_firmware	eq	14.3.100