Herbert Baerten

**Name of the Vulnerable Software and Affected Versions** Cisco Catalyst Center versions (affected versions not specified) **Description** A vulnerability in the SSH server could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This issue is due to the presence of a static SSH host key, which could enable an attacker to perform a machine-in-the-middle attack on SSH connections. A successful exploit could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance, inject commands into the terminal session, and steal valid user credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.