Patch Your Cisco Nexus Switches: Critical Security Flaw Found On Switch Software

A vulnerability has been found on the software that runs on Cisco Nexus 3000 series switches and Cisco Nexus 3500 platform switches. The flaw could give remote attackers root access to the affected switches. Here’s what you need to know.

The cause of the vulnerability, according to Cisco, is a default user account that is created upon the software’s installation that can’t be removed without screwing up the system. This leaves the door open for attackers to use that default account, which has a static password, to authenticate remotely to affected switches using Telnet, a protocol that permits remote access to other computers on a network.

Cisco has released patches to fix the issue and administrators are advised to apply the them as soon as possible. A workaround to the issue is to turn off Telnet.

To find out if your Cisco Nexus switches are affected and to download the patches, you can visit the Cisco Security Advisories and Responses page.

[Via Cisco Security Advisories and Responses]

Have you subscribed to Lifehacker Australia's email newsletter? You can also follow us on LinkedIn, Facebook, Twitter and YouTube.

Trending Stories Right Now