Cisco patches switches to remove hardcoded credentials

By

Vulnerability allows full remote control of Nexus switches.

Cisco has issued a patch for its Nexus 3000 series and Nexus 3500 platform switches to remove a hardcoded password for a user account which would allow attackers full remote access.

Cisco patches switches to remove hardcoded credentials
Cisco Nexus 3000 series switches. Source: vendor

In a security advisory, Cisco said the account "could allow an unauthenticated, remote attacker to log in to the device with the privileges of the root user with bash [command] shell access."

Remote access is possible via Telnet, or by Secure Shell on a specific release of the NX operating system. Serial console access locally is also possible.

Cisco said the account is created during installation on the devices and cannot be changed or removed without affecting system functionality. 

The company suggested administrators disable the Telnet server on the Nexus devices as a workaround and use SSH instead.

However, NX-OS release 6.0(2)A6(1) allows remote access using the hardcoded user credentials. Cisco advised users to upgrade that version to a release with the vulnerability fixed.

Cisco Nexus 3000 switches running Cisco NX-OS Software releases 6.0(2)U6(1), 6.0(2)U6(2), 6.0(2)U6(3), 6.0(2)U6(4), and 6.0(2)U6(5) are vulnerable.

On the Cisco Nexus 3500 Platform switches, Cisco NX-OS Software releases 6.0(2)A6(1), 6.0(2)A6(2), 6.0(2)A6(3), 6.0(2)A6(4), 6.0(2)A6(5), and 6.0(2)A7(1) contain the default user account with the hardcoded password.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

ACSC alerts to exploited MS SharePoint remote code execution flaw

ACSC alerts to exploited MS SharePoint remote code execution flaw

Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator

Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator

Log In

  |  Forgot your password?