Cisco Umbrella default SSH key allows theft of admin credentials (bleepingcomputer.com)
“Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), allowing unauthenticated attackers to steal admin credentials remotely.” The vulnerability was due to a static SSH host key being present, which allowed for a man-in-the-middle attack that learns administrator credentials, changes configurations, or reloads the VA. There is no impact on default configurations as the SSH service is disabled by default.
Kenneth Saltisky
Leave a Reply