CVE-2019-1804
Description
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
7.201
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 11.0 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 11.1 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 11.2 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 11.3 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 12.0 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 12.1 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 12.2 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 12.3 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 13.0 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 13.1 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 13.2 | NCM |
| Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability For Cisco NX-OS System Software in ACI Mode 14.0 | NCM |
| Initialization of a Resource with an Insecure Default Vulnerability (CVE-2019-1804) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706157 | Security Update for Cisco NX-OS System Software in ACI Mode 11.0 9.2(1) |
| PATCH-1706159 | Security Update for Cisco NX-OS System Software in ACI Mode 11.1 9.2(1) |
| PATCH-1706161 | Security Update for Cisco NX-OS System Software in ACI Mode 11.2 9.2(1) |
| PATCH-1706163 | Security Update for Cisco NX-OS System Software in ACI Mode 11.3 9.2(1) |
| PATCH-1706165 | Security Update for Cisco NX-OS System Software in ACI Mode 12.0 9.2(1) |
| PATCH-1706167 | Security Update for Cisco NX-OS System Software in ACI Mode 12.1 9.2(1) |
| PATCH-1706169 | Security Update for Cisco NX-OS System Software in ACI Mode 12.2 9.2(1) |
| PATCH-1706171 | Security Update for Cisco NX-OS System Software in ACI Mode 12.3 9.2(1) |
| PATCH-1706173 | Security Update for Cisco NX-OS System Software in ACI Mode 13.0 9.2(1) |
| PATCH-1706175 | Security Update for Cisco NX-OS System Software in ACI Mode 13.1 9.2(1) |
| PATCH-1706176 | Security Update for Cisco NX-OS System Software in ACI Mode 13.2 4.0(1a) |
| PATCH-1703867 | Security Update for Cisco NX-OS System Software in ACI Mode 14.0 14.1(1i) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234