Cisco Systems issued a series of security updates on Wednesday, addressing 42 vulnerabilities, including one critical bug found in the Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software.
Designated CVE-2019-1804, the critical flaw could potentially allow an authenticated remote attacker to gain root user privileges on an affected system. Cisco Nexus 9000 Series Fabric Switches using versions of the software prior to 14.1 are vulnerable when running in Application Centric Infrastructure (ACI) mode.
“The vulnerability is due to the presence of a default SSH key pair that is present in all devices,” a security advisory explains. “An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.”
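Because the advisory limits exposure to root access by SSH key over IPv6, that combination is worth hunting for in authentication logs from affected switches. The following is an added detection sketch, not code from Cisco or from the original article; it assumes the logs arrive as OpenSSH-style syslog lines, and the hostnames, addresses and the allowed management prefix are constructed for illustration.

```python
import ipaddress
import re

# OpenSSH-style "Accepted" line; the switch's actual log layout is an assumption.
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted (?P<method>\S+) for (?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

# Constructed sample lines (documentation address ranges, hypothetical host name).
SAMPLE = [
    "May  2 09:14:01 leaf101 sshd[4121]: Accepted publickey for root from 2001:db8:10::5 port 50122 ssh2",
    "May  2 09:15:33 leaf101 sshd[4130]: Accepted password for admin from 2001:db8:10::5 port 50140 ssh2",
    "May  2 09:16:47 leaf101 sshd[4144]: Accepted publickey for root from 192.0.2.44 port 41876 ssh2",
    "May  2 09:17:02 leaf101 sshd[4150]: Accepted publickey for root from 2001:db8:ffff::99 port 38810 ssh2",
    "May  2 09:18:10 leaf101 sshd[4161]: Accepted publickey for root from ::ffff:192.0.2.44 port 41877 ssh2",
    "May  2 09:19:25 leaf101 sshd[4170]: Failed publickey for root from 2001:db8:ffff::99 port 38822 ssh2",
]

def native_ipv6(src):
    """Return the parsed address for a real IPv6 peer, else None
    (IPv4, IPv4-mapped ::ffff:a.b.c.d, or unparsable text)."""
    try:
        addr = ipaddress.ip_address(src.split("%", 1)[0])  # drop any zone id
    except ValueError:
        return None
    return addr if addr.version == 6 and addr.ipv4_mapped is None else None

def flag_root_key_logins_over_ipv6(lines, allowed_sources=()):
    """Return (line_no, source) for successful root public-key logins from
    IPv6 peers outside the allowed management networks."""
    allowed = [ipaddress.ip_network(n) for n in allowed_sources]
    hits = []
    for line_no, line in enumerate(lines, start=1):
        m = ACCEPTED.search(line)
        if not m or m["user"] != "root" or m["method"] != "publickey":
            continue
        addr = native_ipv6(m["src"])
        if addr is None or any(addr in net for net in allowed):
            continue
        hits.append((line_no, m["src"]))
    return hits

if __name__ == "__main__":
    print(flag_root_key_logins_over_ipv6(SAMPLE, ["2001:db8:10::/64"]))
```

On devices that have not yet been updated, a hit from outside the management prefix is a reason to review the session rather than proof of compromise, since legitimate root key logins may also exist.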
Of the remaining vulnerabilities posted on May 1, 23 are rated high severity, while the rest are medium-level threats.
Affected products include the Cisco Web Security Appliance, Umbrella Dashboard, Adaptive Security Appliance Software, Firepower Threat Defense, Small Business Switches, Small Business RV320 and RV325 Routers, IP Phone 7800 Series and 800 Series, Application Policy Infrastructure Controller, Prime Network Registrar, Prime Collaboration Assurance, HyperFlex HX-Series, Expressway Series and Email Security Appliance.