CVE-2019-1804

Name of the Vulnerable Software and Affected Versions Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software (affected versions not specified)

Description The issue is related to errors in SSH key management, allowing a remote attacker to connect to the system with root privileges via IPv6. This is due to the presence of a default SSH key pair in all devices. An attacker could exploit this by opening an SSH connection via IPv6 using the extracted key materials, gaining access to the system with root privileges. The vulnerability is only exploitable over IPv6.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.