First published: Wed Aug 25 2021(Updated: )
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could exploit this vulnerability by opening a significant number of SSH sessions on an affected device. A successful exploit could allow the attacker to cause a crash and restart of internal Cisco UCS Manager software processes and a temporary loss of access to the Cisco UCS Manager CLI and web UI. Note: The attacker must have valid user credentials to authenticate to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-ssh-dos-MgvmyrQy This advisory is part of the August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.
Credit: This vulnerability was found by Art Kalmykov Cisco during internal security testing
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco UCS Software | =4.1<4.1(3e)=4.0<4.0(4m) | 4.1(3e) 4.0(4m) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Cisco UCS Manager Software vulnerability is cisco-sa-ucs-ssh-dos-MgvmyrQy.
The title of this vulnerability is Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability.
The severity of cisco-sa-ucs-ssh-dos-MgvmyrQy is medium.
Cisco UCS Manager software versions 4.1(3e) and 4.0(4m) are affected by this vulnerability.
An attacker could cause a denial of service (DoS) condition on an affected device by exploiting this vulnerability.