Default SSH Private Key Storage Vulnerability in Cisco UCS Invicta C3124SA Appliance and Whiptail Racerunner

Default SSH Private Key Storage Vulnerability in Cisco UCS Invicta C3124SA Appliance and Whiptail Racerunner

CVE-2016-1313 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294.

Learn more about our Web Application Penetration Testing UK.