Good Day
During our internal scan of the Cisco APIC, we have identified the existing APIC is running deprecated SSH Cryptographic Settings. I checked the existing management profile for the APIC and there is no option to disable deprecated SSH settings. I suspect the APIC could be impacted with the bug CSCvw85218 (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvw85218?rfs=iqvred )
Is there a procedure to remove the deprecated SSH settings from the management profile ?
APIC details
Software Version - 4.2(6l)
Starting Nmap 6.40 ( http://nmap.org ) at 2022-03-11 08:15 GMT
Nmap scan report for x.x.x.x
Host is up (0.25s latency).
PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms (8)
| diffie-hellman-group1-sha1
| diffie-hellman-group14-sha1
| diffie-hellman-group-exchange-sha1
| curve25519-sha256@libssh.org
| ecdh-sha2-nistp521
| ecdh-sha2-nistp384
| ecdh-sha2-nistp256
| curve25519-sha256
| server_host_key_algorithms (1)
| ssh-rsa
| encryption_algorithms (2)
| aes256-ctr
| chacha20-poly1305@openssh.com
| mac_algorithms (1)
| hmac-sha2-512
| compression_algorithms (2)
| none
|_ zlib@openssh.com
Nmap done: 1 IP address (1 host up) scanned in 11.11 seconds