Security Advisory for Cisco Nexus 9000 Series Fabric Switches in ACI mode

Yesterday, Cisco released a number of security advisories. Three of them originated from our research on the Cisco Nexus 9000 Series Fabric Switches / Cisco Application Centric Infrastructure (ACI).

These three advisories are the following:

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey
CVSS Base Score: 9.8

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Root Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-rpe
CVSS Base Score: 7.8

Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Symbolic Link Path Traversal Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-fabric-traversal
CVSS Base Score: 5.5

More information on all published advisories can be found here.

Make sure to update all of your affected devices!

Timeline of disclosure process:
08.03.2019 – Initial report of vulnerabilities
08.03.2019 – Acknowledgement of vulnerability report
15.03.2019 – Confirmation of vulnerabilities
01.05.2019 – Release of security advisories
02.05.2019 – Blogpost