Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2019-1804
HistoryMay 03, 2019 - 5:29 p.m.

CVE-2019-1804

2019-05-0317:29:00
CWE-1188
CWE-310
cisco
web.nvd.nist.gov
58
cisco
nexus
vulnerability
ssh
key management
remote access
cve-2019-1804
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.003

Percentile

71.7%

JSON

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. The vulnerability is due to the presence of a default SSH key pair that is present in all devices. An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials. An exploit could allow the attacker to access the system with the privileges of the root user. This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.

Affected configurations

Nvd
Node
cisconexus_9332pq_firmwareMatch14.0\(3d\)
AND
cisconexus_9332pqMatch-
Node
cisconexus_93180yc-ex_firmwareMatch14.0\(3d\)
AND
cisconexus_93180yc-exMatch-
Node
cisconexus_93128tx_firmwareMatch14.0\(3d\)
AND
cisconexus_93128txMatch-
Node
cisconexus_93120tx_firmwareMatch14.0\(3d\)
AND
cisconexus_93120txMatch-
Node
cisconexus_93108tc-ex_firmwareMatch14.0\(3d\)
AND
cisconexus_93108tc-exMatch-
Node
cisconexus_9516_firmwareMatch14.0\(3d\)
AND
cisconexus_9516Match-
Node
cisconexus_9508_firmwareMatch14.0\(3d\)
AND
cisconexus_9508Match-
Node
cisconexus_9504_firmwareMatch14.0\(3d\)
AND
cisconexus_9504Match-
Node
cisconexus_9500_firmwareMatch14.0\(3d\)
AND
cisconexus_9500Match-
Node
cisconexus_9396tx_firmwareMatch14.0\(3d\)
AND
cisconexus_9396txMatch-
Node
cisconexus_9396px_firmwareMatch14.0\(3d\)
AND
cisconexus_9396pxMatch-
Node
cisconexus_9372tx_firmwareMatch14.0\(3d\)
AND
cisconexus_9372txMatch-
Node
cisconexus_9372px_firmwareMatch14.0\(3d\)
AND
cisconexus_9372pxMatch-
VendorProductVersionCPE
cisconexus_9332pq_firmware14.0(3d)cpe:2.3:o:cisco:nexus_9332pq_firmware:14.0\(3d\):*:*:*:*:*:*:*
cisconexus_9332pq-cpe:2.3:h:cisco:nexus_9332pq:-:*:*:*:*:*:*:*
cisconexus_93180yc-ex_firmware14.0(3d)cpe:2.3:o:cisco:nexus_93180yc-ex_firmware:14.0\(3d\):*:*:*:*:*:*:*
cisconexus_93180yc-ex-cpe:2.3:h:cisco:nexus_93180yc-ex:-:*:*:*:*:*:*:*
cisconexus_93128tx_firmware14.0(3d)cpe:2.3:o:cisco:nexus_93128tx_firmware:14.0\(3d\):*:*:*:*:*:*:*
cisconexus_93128tx-cpe:2.3:h:cisco:nexus_93128tx:-:*:*:*:*:*:*:*
cisconexus_93120tx_firmware14.0(3d)cpe:2.3:o:cisco:nexus_93120tx_firmware:14.0\(3d\):*:*:*:*:*:*:*
cisconexus_93120tx-cpe:2.3:h:cisco:nexus_93120tx:-:*:*:*:*:*:*:*
cisconexus_93108tc-ex_firmware14.0(3d)cpe:2.3:o:cisco:nexus_93108tc-ex_firmware:14.0\(3d\):*:*:*:*:*:*:*
cisconexus_93108tc-ex-cpe:2.3:h:cisco:nexus_93108tc-ex:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 261

CNA Affected

[
  {
    "product": "Cisco NX-OS Software for Nexus 9000 Series Fabric Switches ACI Mode 11.0.1b",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "n/a",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

attackerkb 1
nvd 1
prion 1
cisco 1
nessus 1
cvelist 1
threatpost 3
attackerkb
attackerkb
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability
2019-05-03 00:00:00
nvd
nvd
CVE-2019-1804
2019-05-03 17:29:00
prion
prion
Design/Logic Flaw
2019-05-03 17:29:00
cisco
cisco
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability
2019-05-01 16:00:00
nessus
nessus
Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability (cisco-sa-20190501-nexus9k-sshkey)
2020-06-03 00:00:00
cvelist
cvelist
CVE-2019-1804 Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Default SSH Key Vulnerability
2019-05-03 16:25:32
threatpost
threatpost
Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
2019-05-07 20:38:32
Cisco Warns of Critical Nexus 9000 Data Center Flaw
2019-05-02 15:24:10
High-Severity Bug Leaves Cisco TelePresence Gear Open to Attack
2019-05-06 19:03:51

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.3

Confidence

High

EPSS

0.003

Percentile

71.7%

JSON
Related for CVE-2019-1804
attackerkb1nvd1prion1cisco1nessus1cvelist1threatpost3