Unsuspecting SSH Attacks on Cisco Catalyst Center

CVE-2024-20350

7.5HIGH

Key Information

Vendor: Cisco
Status: Cisco Digital Network Architecture Center (dna Center)
Vendor: CVE Published:; 25 September 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.

This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.

Affected Version(s)

Cisco Digital Network Architecture Center (DNA Center) = 1.4.0.0

Cisco Digital Network Architecture Center (DNA Center) = 2.1.1.0

Cisco Digital Network Architecture Center (DNA Center) = 2.1.1.3

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Sep 27, 2024
Vulnerability published
Sep 25, 2024

Collectors

NVD DatabaseMitre Database