First published: Wed May 15 2019(Updated: )
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-ssh-info
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco NX-OS Software | ||
Cisco NX-OS Software | =6.0(2)A8<6.0(2)A8(10)=Prior to 6.0(2)A8<6.0(2)A8(10) | 6.0(2)A8(10) 6.0(2)A8(10) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of cisco-sa-20190515-nxos-ssh-info is medium with a CVSS score of 5.1.
The vulnerability in cisco-sa-20190515-nxos-ssh-info allows an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device.
Only an authenticated, local attacker with valid administrator device credentials can exploit cisco-sa-20190515-nxos-ssh-info.
To fix cisco-sa-20190515-nxos-ssh-info, apply the necessary updates or patches provided by Cisco.
You can find more information about cisco-sa-20190515-nxos-ssh-info in the Cisco Security Advisory.