Cisco patches Critical ‘Default SSH Key’ vulnerability, 40 other bugs

'Default SSH Key' vulnerability

Cisco released security updates to patch a critical “Default SSH Key” vulnerability in Cisco Nexus 9000 series software as well as 22 High and 18 Medium severity bugs in multiple products, such as Cisco’s Web Security Appliance, Umbrella, Adaptive Security Appliance, Firepower, Small Business routers and others.

The Critical vulnerability CVE-2019-1804 resides in the SSH key management for the Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure (ACI) Mode Switch Software. A remote attacker could exploit this bug without any authentication and compromise system with root user privileges.

“The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable,” Cisco noted in the advisory.

Another high severity privileged escalation vulnerability CVE-2019-1803 in the same ACI software was also patched by Cisco. A local hacker with administrator rights could gain elevated privileges as the root user on an affected device.

Cisco also patched one high severity Umbrella UI session management vulnerability CVE-2019-1807 that could allow an authenticated remote attacker to access the Dashboard via an active, user session.

A summary of the 22 High severity security updates impact the following Cisco products (along with vulnerability counts for each):

  • Adaptive Security Appliance (9)
  • Application Policy Infrastructure (1)
  • Firepower Threat Defense (3)
  • IP Phones – 7800, 8800 Series (1)
  • Nexus 9000 Series Fabric Switches (3)
  • Small Business Routers – RV320, RV325 (1)
  • Small Business Switches (1)
  • Umbrella (1)
  • Web Security Appliance (2)

Cisco also patched 18 Medium rated vulnerabilities in multiple products. Network administrators should patch affected products as soon as possible.

See the full list of Cisco Security Advisories and Alerts published this week.