CVE-2015-6358

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
References
Link (resource tags)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci (Issue Tracking, Patch, Vendor Advisory)
http://www.kb.cert.org/vuls/id/566724 (Third Party Advisory, US Government Resource)
http://www.securityfocus.com/bid/78047 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1034255 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1034256 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1034257 (Third Party Advisory, VDB Entry)
http://www.securitytracker.com/id/1034258 (Third Party Advisory, VDB Entry)
Configurations

Configuration 1

AND
cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:cisco:wrv210_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wrv210:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap4410n:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:cisco:wrv200_firmware:1.0.39:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wrv200:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:cisco:wrvs4400n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:cisco:wap200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap200:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:cisco:wvc2300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wvc2300:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:cisco:pvc2300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:pvc2300:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:cisco:srw224p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:srw224p:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:cisco:wet200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wet200:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:cisco:wap2000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap2000:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:cisco:wap4400n_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap4400n:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:cisco:rv120w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv120w:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:cisco:rv180_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv180:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:cisco:rv180w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv180w:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:cisco:rv315w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv315w:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:cisco:srp520_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:srp520:-:*:*:*:*:*:*:*

Configuration 20

AND
cpe:2.3:o:cisco:srp520-u_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:srp520-u:-:*:*:*:*:*:*:*

Configuration 21

AND
cpe:2.3:o:cisco:wrp500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wrp500:-:*:*:*:*:*:*:*

Configuration 22

AND
cpe:2.3:o:cisco:spa400_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:spa400:-:*:*:*:*:*:*:*

Configuration 23

AND
cpe:2.3:o:cisco:rtp300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rtp300:-:*:*:*:*:*:*:*

Configuration 24

AND
cpe:2.3:o:cisco:rv220w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv220w:-:*:*:*:*:*:*:*

Information

Published : 2017-10-12 15:29

Updated : 2024-02-04 19:29


NVD link : CVE-2015-6358

Mitre link : CVE-2015-6358

CVE.ORG link : CVE-2015-6358



Products Affected

cisco

  • wet200
  • wrv200_firmware
  • wap4410n
  • wrp500
  • rv320_firmware
  • wrp500_firmware
  • srp520-u_firmware
  • rtp300
  • srp520
  • wap200
  • wap2000_firmware
  • wap4400n_firmware
  • wvc2300
  • spa400_firmware
  • wrvs4400n_firmware
  • pvc2300
  • wrv210_firmware
  • wap2000
  • wvc2300_firmware
  • rv120w_firmware
  • srw224p_firmware
  • srp520-u
  • wap4410n_firmware
  • rv315w_firmware
  • wet200_firmware
  • wap200_firmware
  • rv315w
  • rv325
  • wrvs4400n
  • wrv210
  • srp520_firmware
  • rv180w
  • pvc2300_firmware
  • wap4400n
  • rv325_firmware
  • srw224p
  • rvs4000_firmware
  • rvs4000
  • rtp300_firmware
  • rv180_firmware
  • rv220w
  • spa400
  • rv220w_firmware
  • rv320
  • rv120w
  • rv180w_firmware
  • wrv200
  • rv180
CWE
CWE-295

Improper Certificate Validation