A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.
The use of a hard-coded cryptographic key significantly increases the possibility that encrypted data may be recovered.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Umbrella | Cisco | * | 3.3.2 (excluding) |