Cisco Umbrella default SSH key allows theft of admin credentials

Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), allowing unauthenticated attackers to steal admin credentials remotely.

Fraser Hess of Pinnacol Assurance found the flaw (tracked as CVE-2022-20773) in the key-based SSH authentication mechanism of Cisco Umbrella VA.

No impact on default Umbrella VA configurations

Luckily, Cisco says that the SSH service is not enabled by default on Umbrella on-premise virtual machines, significantly lowering the vulnerability’s overall impact.


Leave a Reply

Your email address will not be published.