Cisco SSH key vulnerability: Deja vu

This month, Cisco released a patch for some of its security appliances that addressed a vulnerability with hard-coded SSH host and private keys. Almost a year ago, Cisco issued a similar warning regarding hard-coded SSH keys in a different product. This is a serious issue because an attacker who is able to obtain the private key can use the key to get root access. That’s the bad news. The even worse news is that Cisco isn’t the only vendor with this problem.

Read more here:

https://threatpost.com/cisco-ssh-key-flaw-has-echoes-of-earlier-vulnerabilities/113484

 

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top