MS-ISAC CYBERSECURITY ADVISORIES
MS-ISAC ADVISORY NUMBER:
A Vulnerability in Cisco IOS and IOS XE Software SSH X.509 Version 3 could allow for Authentication Bypass
A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system.
There are currently no reports of this vulnerability being exploited in the wild.
SYSTEMS AFFECTED:
· Cisco IOS
· Cisco IOS XE
RISK:
· Large and medium government entities: High
· Small government entities: High
· Large and medium business entities: High
· Small business entities: High
· Home users: N/A
The vulnerability is due to improper validation of X.509 signatures during the SSH authentication phase on devices where X.509 Version 3 (X.509v3) SSH user authentication is enabled. An attacker with network access to the SSH service could exploit this vulnerability by presenting an invalid X.509 signature to an affected system; no valid credentials or private key are required. A successful exploit could allow the attacker to authenticate as an existing valid user over an SSH connection and obtain that user's level of access to the device.
We recommend the following actions be taken:
· Install updates once released by Cisco after appropriate testing.
· Verify that no unauthorized system modifications (configuration changes, added local users or keys, unexpected management sessions) have occurred on the system before applying the patch.
· Administrators may disable the X.509v3 SSH authentication feature on an affected device until the device is upgraded to a fixed release of the software; key-based and password-based SSH authentication are not affected and can remain in use.
· Unless required, limit network access to the SSH service on affected devices to trusted management networks and hosts.
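The following script is an added example, not part of the MS-ISAC advisory or of any Cisco tooling. It audits saved Cisco IOS / IOS XE running-config text for the X.509v3 SSH user-authentication settings that the workaround above asks administrators to disable, and prints the configuration commands that would remove them. The command syntax it looks for (ip ssh server algorithm authentication, ip ssh server algorithm publickey x509v3-ssh-rsa, and the user / trustpoint verify sub-mode of ip ssh server certificate profile) is taken from Cisco's X.509v3 certificates for SSH authentication feature as the author of this example understands it, and the assumption that public-key authentication is enabled when no authentication line is present is a platform default that should be confirmed against your release's documentation. The two configuration excerpts are constructed samples, not captures from a real device.

```python
import re

# Constructed sample configs (not from a real device). The first enables
# X.509v3 SSH user authentication; the second is the same device with only
# conventional ssh-rsa public-key and password authentication.
VULNERABLE_CONFIG = """\
hostname edge-rtr1
ip ssh version 2
ip ssh server algorithm authentication publickey password
ip ssh server algorithm publickey x509v3-ssh-rsa ssh-rsa
ip ssh server algorithm hostkey x509v3-ssh-rsa ssh-rsa
ip ssh server certificate profile
 user
  trustpoint verify SSH-CA
line vty 0 4
 transport input ssh
"""

HARDENED_CONFIG = """\
hostname edge-rtr1
ip ssh version 2
ip ssh server algorithm authentication publickey password
ip ssh server algorithm publickey ssh-rsa
ip ssh server algorithm hostkey ssh-rsa
line vty 0 4
 transport input ssh
"""

AUTH_LINE = re.compile(r"^ip ssh server algorithm authentication\s+(.+)$", re.M)
PUBKEY_LINE = re.compile(r"^ip ssh server algorithm publickey\s+(.+)$", re.M)
# Assumed platform default when no explicit authentication line is present.
DEFAULT_AUTH_METHODS = ["publickey", "keyboard", "password"]


def ssh_auth_methods(config: str) -> list:
    """Authentication methods the SSH server accepts."""
    m = AUTH_LINE.search(config)
    return m.group(1).split() if m else list(DEFAULT_AUTH_METHODS)


def ssh_publickey_algorithms(config: str) -> list:
    """Explicitly configured public-key algorithms for user authentication."""
    m = PUBKEY_LINE.search(config)
    return m.group(1).split() if m else []


def user_cert_trustpoint(config: str):
    """Name of the 'trustpoint verify' CA inside the 'user' sub-mode of the
    SSH certificate profile, or None. IOS nests sub-modes by indentation, so a
    small state machine tracks whether we are inside the profile and then
    inside its 'user' block; the 'server' block (host certificate) is ignored
    because the vulnerability concerns client (user) authentication."""
    in_profile = in_user = False
    for line in config.splitlines():
        if not line.startswith(" "):
            in_profile = line.strip() == "ip ssh server certificate profile"
            in_user = False
            continue
        if not in_profile:
            continue
        if not line.startswith("  "):  # one-space indent: profile sub-mode
            in_user = line.strip() == "user"
            continue
        if in_user and line.strip().startswith("trustpoint verify"):
            return line.split()[-1]
    return None


def audit_ssh_x509(config: str) -> dict:
    """Report whether X.509v3 SSH user authentication appears to be enabled."""
    auth = ssh_auth_methods(config)
    pubkey = ssh_publickey_algorithms(config)
    trustpoint = user_cert_trustpoint(config)
    enabled = "publickey" in auth and ("x509v3-ssh-rsa" in pubkey or trustpoint is not None)
    return {
        "auth_methods": auth,
        "publickey_algorithms": pubkey,
        "user_cert_trustpoint": trustpoint,
        "x509_user_auth_enabled": enabled,
    }


def remediation_commands(config: str) -> list:
    """Config-mode commands that remove X.509v3 user authentication while
    keeping ordinary ssh-rsa key authentication available. Hostkey settings
    are deliberately left alone. Syntax is assumed; verify against the
    platform's documentation before applying."""
    cmds = []
    pubkey = ssh_publickey_algorithms(config)
    if "x509v3-ssh-rsa" in pubkey:
        remaining = [a for a in pubkey if a != "x509v3-ssh-rsa"] or ["ssh-rsa"]
        cmds.append("ip ssh server algorithm publickey " + " ".join(remaining))
    trustpoint = user_cert_trustpoint(config)
    if trustpoint is not None:
        cmds += ["ip ssh server certificate profile", " user", "  no trustpoint verify " + trustpoint]
    return cmds


if __name__ == "__main__":
    for name, cfg in (("vulnerable", VULNERABLE_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_ssh_x509(cfg))
        for c in remediation_commands(cfg):
            print("  ", c)
```

Run it against exported running-configs (for example the output of `show running-config` collected by your config-backup job) rather than live devices; it needs no network access. Treat a device as still exposed until it is on a fixed release, since removing the workaround configuration only closes the X.509v3 path, and confirm the result on the device with `show ip ssh` after the change.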