Published in News

Cisco fixes three security holes

by on29 June 2015


Allow US government snooping

Cisco has released a security advisory warning of SSH problems in three of its enterprise products which sound to us like a jolly good way for US spooks to snuffle corporate data.


Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv) and Security Management Virtual Appliance (SMAv) have the flaw which is caused by preinstalled SSH encryption keys.

The company said: "A vulnerability in the remote support functionality of Cisco WSAv, Cisco ESAv and Cisco SMAv Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user."

"The vulnerability is due to the presence of a default authorised SSH key that is shared across all the installations of WSAv, ESAv and SMAv. An attacker could exploit this vulnerability by obtaining the SSH private key and using it to connect to any WSAv, ESAv or SMAv."

Exploitation of the flaws could allow an "unauthenticated, remote attacker to decrypt and impersonate secure communication between any virtual content security appliance".

Cisco has issued updates and it is urging companies to install these post haste.

Security updates are nothing new but following Edward Snowden's revelations about how the US spooks had backdoors into Cisco products we have to wonder if this error was deliberate or not.

Rate this item
(2 votes)

Read more about: