A vulnerability in the implementation of X.509 Version 3 for SSH authentication functionality in Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass authentication on an affected system.
Cisco IOS XE
The vulnerability is due to improper validation of X.509 signatures during the SSH authentication phase. An attacker could exploit this vulnerability by presenting an invalid X.509 signature to an affected system. A successful exploit could allow the attacker to impersonate an existing valid user over an SSH connection.
- After appropriate testing, apply applicable patches/updates provided by Cisco to the vulnerable systems.
- Verify no unauthorized system modifications have occurred on system before applying patch. A
- Administrators may disable the X.509 authentication feature on an affected device until the device is upgraded to a fixed release of the software.
- Unless required, limit external network access to affected products.