A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote malicious user to impersonate a VA. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the malicious user to learn the administrator credentials, change configurations, or reload the VA. Note: SSH is not enabled by default on the Umbrella VA.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco umbrella |
Get our weekly newsletter Plus: Cisco Umbrella flaw patched, lid blown off TeamTNT, and ICS security folks join JCDC party
In brief The BlackCat ransomware gang, said to be the first-known ransomware group to successfully break into networks with Rust-written malware, has attacked at least 60 organizations globally as of March, according to the FBI. BlackCat, also known as ALPHV, is a relatively new group of cybercriminals that operates a Windows ransomware-as-a-service. But while it only appeared on the ransomware crime scene in November 2021, security researchers and federal law enforcement have linked its develop...