Cisco Umbrella Virtual Appliance Static SSH Host Key Vulnerability

Advisory ID:cisco-sa-uva-static-key-6RQTRs4cFirst Published:2022 April 20 16:00 GMTVersion 1.0:FinalWorkarounds:No workarounds availableCisco Bug IDs:CSCwa11399CVSS Score:Base 7.5CVE-2022-20773CWE-321 Download CVRFEmail Summary A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance (VA) could allow an unauthenticated, remote attacker to impersonate a VA.This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing …