Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability (cisco-sa-20190501-nexus9k-sshkey)

According to its self-reported version, Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode has a Default SSH System Key. An unauthenticated, remote attacker can exploit this, to gain root privileges. Please see the included Cisco BIDs and Cisco Security Advisory for more...

CVE-2019-1804

CVE-2019-1804 affects Cisco Nexus 9000 Series fabric switches running NX-OS in ACI Mode. The root cause is a default SSH key pair present on devices, enabling an unauthenticated, remote attacker to gain root privileges by connecting over IPv6 with the extracted keys. Impact is full system comprom...

CVE-2019-1804

creationtimestamp| type| source ---|---|--- 2019-05-02 16:49:17+00:00| seen| https://t.me/informationsecuritychannel/27114 2019-05-03 07:59:24+00:00| seen| https://t.me/informationsecuritychannel/27144 2024-10-04 22:53:50+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2...

Cisco Warns of Critical Nexus 9000 Data Center Flaw

A critical vulnerability in Cisco’s software-defined networking SDN software could allow an unauthenticated, remote attacker to connect to a vulnerable data-center switch and take it over, with the privileges of the root user. The bug CVE-2019-1804, which has a CVSS severity rating of 9.8 out of...