Cisco released a security updates with fixes for several product including Cisco Nexus 9000 Series Fabric Switches that affected by critical SSH key vulnerability that allow remote attackers gain access to the affected system.
A Critical Vulnerability (CVE-2019-1804) in SSH key pair for the software’s Secure Shell (SSH) key management function that allows attacks to discover the pairing and connect to a vulnerable Nexus 9000 Series device remotely.
This bug leaks to an attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials.
Additionally Cisco patched 22 high-severity flaws and 18 medium-severity flaws that affected various other Cisco
Another high severity vulnerability (CVE-2019-1803) that affected Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges.
A command
“Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition.”
A Complete List of Vulnerabilities that Patched by Cisco
Cisco advised users to apply these patches immediately to keep the network safe and secure.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates
Also Read:
Cisco Fixed Routers Vulnerabilities that Allows Hackers to Run Remote Code with Root Access
Hackers Exploiting More than 9000 Cisco RV320/RV325 Routers After POC published in GitHub
Cisco Released Security Updates & Fixed Several Vulnerabilities that Affected Cisco Products
Privilege Escalation Flaw in Cisco ASA Allows Attackers To Read or Write Files in the System