Menu
Cisco warns of default SSH keys shipped in three products

Cisco warns of default SSH keys shipped in three products

The flaw could allow an attacker to decrypt traffic exchanged by three Cisco virtual appliances

Cisco Systems has issued a patch for three products that shipped with default SSH keys.

Cisco Systems has issued a patch for three products that shipped with default SSH keys.

Cisco Systems said on Thursday it released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.

The products are Cisco's Web Security Virtual Appliance, Email Security Virtual Appliance and Security Management Virtual Appliance, it said in an advisory. Versions downloaded before Thursday are vulnerable.

Cisco said it "is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."

The three products all shipped with preinstalled encryption keys for SSH (Secure Shell), which is used to remotely log into machines. It's considered a bad security practice to ship products that all have the same private keys.

If attackers obtained the private keys, it would be possible to decrypt traffic after collecting it during a man-in-the-middle attack. It would also be possible to impersonate one of the appliances or alter traffic, Cisco warned.

The patch deletes the preinstalled SSH keys and provides instructions for how customers can completely fix the problem. Cisco wrote that the patch is not required for physical hardware appliances or for virtual appliance downloads or upgrades after Thursday.

The fix is named "cisco-sa-20150625-ironport SSH Keys Vulnerability Fix" in a list of product upgrades. It must be manually installed from a command line interface, it said.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags Cisco Systemssecuritydata breachencryptionExploits / vulnerabilities

Featured

Slideshows

Sizing up the NZ security spectrum - Where's the channel sweet spot?

Sizing up the NZ security spectrum - Where's the channel sweet spot?

From new extortion schemes, outside threats and rising cyber attacks, the art of securing the enterprise has seldom been so complex or challenging. With distance no longer a viable defence, Kiwi businesses are fighting to stay ahead of the security curve. In total, 28 per cent of local businesses faced a cyber attack last year, with the number in New Zealand set to rise in 2017. Yet amidst the sensationalism, media headlines and ongoing high profile breaches, confusion floods the channel, as partners seek strategic methods to combat rising sophistication from attackers. In sizing up the security spectrum, this Reseller News roundtable - in association with F5 Networks, Kaspersky Lab, Tech Data, Sophos and SonicWall - assessed where the channel sweet spot is within the New Zealand channel. Photos by Maria Stefina.

Sizing up the NZ security spectrum - Where's the channel sweet spot?
Show Comments