A vulnerability has been found on the software that runs on Cisco Nexus 3000 series switches and Cisco Nexus 3500 platform switches. The flaw could give remote attackers root access to the affected switches. Here’s what you need to know.
The cause of the vulnerability, according to Cisco, is a default user account that is created upon the software’s installation that can’t be removed without screwing up the system. This leaves the door open for attackers to use that default account, which has a static password, to authenticate remotely to affected switches using Telnet, a protocol that permits remote access to other computers on a network.
Cisco has released patches to fix the issue and administrators are advised to apply the them as soon as possible. A workaround to the issue is to turn off Telnet.
To find out if your Cisco Nexus switches are affected and to download the patches, you can visit the Cisco Security Advisories and Responses page.
Comments
One response to “Patch Your Cisco Nexus Switches: Critical Security Flaw Found On Switch Software”
From what I’m reading on the cisco advisory page. It states that this default account only is accessible via telent. Since telnet is disabled by default on cisco nexus and other switches, it would mean an administrator would have to have actually gone and enabled telnet… Why would you enable telnet!?