CVE-2019-1731
Cisco NX-OS Software SSH Key Information Disclosure Vulnerability
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.1EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Lifecycle
15 May 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
Affected products
Cisco · Cisco NX-OS Software