
Cisco Nexus 9000 Series Fabric Switches ACI Mode Default SSH Key Vulnerability - el_duderino
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190501-nexus9k-sshkey
======
tastroder
While it's overly flippant, I somehow enjoyed the register's take on it:

[https://www.theregister.co.uk/2019/05/02/cisco_vulnerabiliti...](https://www.theregister.co.uk/2019/05/02/cisco_vulnerabilities/)

------
java-man
I don't understand how this could happen in 2019. There were multiple people
involved who coded, reviewed, tested the code, signed off on the release.

The other possible explanation is that it's intentional.

~~~
closeparen
Are we sure Cisco does any of that stuff?

I picture their code coming in as .zip email attachments from whatever
outsourcing company, and landing on an NFS share somewhere. I’d be impressed
if they had version control, let alone code review.

~~~
java-man
good point.

