CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

June 4, 2025

CVE ID : CVE-2025-20163

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices.

This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections to Cisco NDFC-managed devices, which could allow an attacker to intercept this traffic. A successful exploit could allow the attacker to impersonate a managed device and capture user credentials.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20261 – Cisco IMC SSH Privilege Escalation Vulnerability

Next Article CVE-2025-20129 – Cisco Customer Collaboration Platform (CCP) HTTP Request Manipulation Vulnerability

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

Microsoft Edge’s latest stable channel update adds MORE AI — All Copilot all the time

This portable laptop accessory helped me finally achieve my daily standing goals during the workday

Designing AI features people actually want

CVE-2025-5222 – ICU Buffer Overflow Vulnerability

Rilasciato KDE Plasma 6.4: Un’esperienza desktop avanzata, intuitiva e funzionale

CVE-2025-5385 – JeeWMS Path Traversal Vulnerability

How to Deploy a Next.js Blog on Sevalla

Best Semrush Alternatives (2025 Edition)

CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

Related Posts