CVE-2019-1804

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability

  • Severity Score: 9.8 (CVSS v3.1)
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits: 0 (Multiple Sources)
  • Exploited in Wild: - (KEV)
  • Decision: Attend (SSVC)
Descriptions

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: High
  • Availability: High

  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: Attend
  • Exploitation: None
  • Automatable: Yes
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2018-12-06 CVE Reserved
  • 2019-05-03 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-11-19 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-310: Cryptographic Issues
  • CWE-1188: Initialization of a Resource with an Insecure Default
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status |
|---|---|---|---|---|
| Cisco | Nexus 9332pq Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9332pq | -- | | Safe |
| Cisco | Nexus 93180yc-ex Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 93180yc-ex | -- | | Safe |
| Cisco | Nexus 93128tx Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 93128tx | -- | | Safe |
| Cisco | Nexus 93120tx Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 93120tx | -- | | Safe |
| Cisco | Nexus 93108tc-ex Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 93108tc-ex | -- | | Safe |
| Cisco | Nexus 9516 Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9516 | -- | | Safe |
| Cisco | Nexus 9508 Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9508 | -- | | Safe |
| Cisco | Nexus 9504 Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9504 | -- | | Safe |
| Cisco | Nexus 9500 Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9500 | -- | | Safe |
| Cisco | Nexus 9396tx Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9396tx | -- | | Safe |
| Cisco | Nexus 9396px Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9396px | -- | | Safe |
| Cisco | Nexus 9372tx Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9372tx | -- | | Safe |
| Cisco | Nexus 9372px Firmware | 14.0(3d) | - | Affected |
| in Cisco | Nexus 9372px | -- | | Safe |