Vulnerabilites related to cisco - wrp500_firmware
Vulnerability from fkie_nvd
Published
2017-10-12 15:29
Modified
2024-11-21 02:34
Summary
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
References
ykramarz@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ciIssue Tracking, Patch, Vendor Advisory
ykramarz@cisco.comhttp://www.kb.cert.org/vuls/id/566724Third Party Advisory, US Government Resource
ykramarz@cisco.comhttp://www.securityfocus.com/bid/78047Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1034255Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1034256Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1034257Third Party Advisory, VDB Entry
ykramarz@cisco.comhttp://www.securitytracker.com/id/1034258Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ciIssue Tracking, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/566724Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/78047Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034255Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034256Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034257Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1034258Third Party Advisory, VDB Entry



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F503CBF1-C2FB-40ED-8DA4-85F233EC4F8F",
                     versionEndIncluding: "1.3.1.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE1BC6E1-8A83-438F-AE33-3AAED7DF1CBE",
                     versionEndIncluding: "1.3.1.10",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7881E4BC-6590-49C0-88C4-A21F2BE2B4FE",
                     versionEndIncluding: "2.0.3.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EC30BCF7-FA1A-44B3-8C58-17DFA939E7C7",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wrv210_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E9D1511-2B20-4013-9504-0FE9A9B5220C",
                     versionEndIncluding: "2.0.1.5",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wrv210:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6FA20862-B235-4230-8861-A59CF62CC65E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB758D90-1888-42E3-9305-82F59D9C1891",
                     versionEndIncluding: "2.0.7.8",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wap4410n:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFF89AC2-2A85-463C-A644-B3FA31A470FA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wrv200_firmware:1.0.39:*:*:*:*:*:*:*",
                     matchCriteriaId: "57B0AF22-058C-4273-8A3F-744692DFB77E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wrv200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F73575BC-B0E8-49A5-8E68-4D9B3109029D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wrvs4400n_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1A1D37CC-A650-496D-B66B-62F69EFFFCCC",
                     versionEndIncluding: "2.0.2.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BC842A29-7A55-4474-B5AD-A6813FE16A7D",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wap200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBC035F1-83DE-47F1-BF2D-72FE32E926BC",
                     versionEndIncluding: "2.0.6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wap200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD50A4C8-8E79-4D0B-8D23-88425EFE9234",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wvc2300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C6F6D758-4D48-4D16-B54C-08F924D8623C",
                     versionEndIncluding: "1.1.2.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wvc2300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1122B4F-87D0-4030-9C4C-E811BBEAC51F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:pvc2300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "24B3D0D5-BA35-44A7-A9AC-EFC38638424E",
                     versionEndIncluding: "1.1.2.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:pvc2300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "35B259F8-E3F8-44D0-9EDB-BC686F239CF6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:srw224p_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72473F9C-4AD6-47AE-9568-D7451EB8DD09",
                     versionEndIncluding: "2.0.2.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:srw224p:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B559090-2CB3-41E6-B9C8-EB83FC7AFE54",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wet200_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1B80159-909F-4B59-9DC6-34C1E508FCD1",
                     versionEndIncluding: "2.0.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wet200:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "565A92B8-DF55-4F7D-B312-E1870728F27A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wap2000_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3751819E-FF92-4540-93D2-2D8F8427D826",
                     versionEndIncluding: "2.0.8.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wap2000:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4844B66-4D3A-4526-87A3-6C45B9360691",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wap4400n_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C17056F7-933C-45AD-8F75-64E4B9ADFB55",
                     versionEndIncluding: "-",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wap4400n:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D47B755E-277A-4FF5-B005-C7F28B191D6B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv120w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "34E8DF08-06D6-46EE-AE4A-8FA11D3E1FB9",
                     versionEndIncluding: "1.0.5.9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv120w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40465CA8-BE8B-4F15-8578-D8972C241D84",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv180_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A27C46AD-51E7-463F-A296-D4C6DF9B01F7",
                     versionEndIncluding: "1.0.5.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv180:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A8BD67F3-98CE-4B03-8980-6791B753FDC9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv180w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BA690405-6AB8-4503-90AB-0B25F50F4776",
                     versionEndIncluding: "1.0.5.4",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv180w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5E3FBF6-4EB3-4C2F-AE0E-25F5765DD107",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv315w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7EEDA17A-529D-455C-B608-DFCFEC4DD448",
                     versionEndIncluding: "1.01.03",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv315w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8D7B47D7-4D6B-43BF-BF1C-E89C781DDD14",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:srp520_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "857DB576-9674-42E1-B122-0ACCD696818F",
                     versionEndIncluding: "1.01.29",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:srp520:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEE62C2A-30E6-4E0F-AC84-1A75F5032D22",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:srp520-u_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F87C7EB8-4AF8-484E-B90F-B5E2C77D7679",
                     versionEndIncluding: "1.2.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:srp520-u:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4A12DCA-F804-4CC1-B1FE-EF4A182A9722",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:wrp500_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "67487247-39A1-4EF9-A451-3A2585CC7D54",
                     versionEndIncluding: "1.0.1.002",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:wrp500:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78DAF22A-9A5A-4E55-AF0F-ED9969610411",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:spa400_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "26067A0B-6752-4008-A021-57A76AC84F26",
                     versionEndIncluding: "1.1.2.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:spa400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A20F9B77-999F-4B2E-8894-6D6AED4A92CC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rtp300_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "114E7DD2-5C5F-40A2-A795-FF75FACB4567",
                     versionEndIncluding: "3.1.24",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rtp300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "78E72C11-E53D-4E29-802A-002F0229C158",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:cisco:rv220w_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C9C4E5A6-88BB-4758-8222-369BAE95C14B",
                     versionEndIncluding: "1.0.4.17",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:cisco:rv220w:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8620DFD9-E280-464E-91FF-2E901EDD49C0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.",
      },
      {
         lang: "es",
         value: "Múltiples dispositivos con software de Cisco incorporado utilizan certificados X.509 embebidos y claves de host SSH embebidas en el firmware, lo que permite que atacantes remotos superen los mecanismos de protección criptográfica y realicen ataques Man-in-the-Middle (MitM) sabiendo de estos certificados y claves de otra instalación. Esto también se conoce por los siguientes Bug ID: CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899 y CSCuw90913.",
      },
   ],
   id: "CVE-2015-6358",
   lastModified: "2024-11-21T02:34:50.923",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.0",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2017-10-12T15:29:00.217",
   references: [
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Issue Tracking",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/566724",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/78047",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034255",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034256",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034257",
      },
      {
         source: "ykramarz@cisco.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034258",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Patch",
            "Vendor Advisory",
         ],
         url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "US Government Resource",
         ],
         url: "http://www.kb.cert.org/vuls/id/566724",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/78047",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034255",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034256",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034257",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securitytracker.com/id/1034258",
      },
   ],
   sourceIdentifier: "ykramarz@cisco.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-295",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

cve-2015-6358
Vulnerability from cvelistv5
Published
2017-10-12 15:00
Modified
2024-08-06 07:22
Severity ?
Summary
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
References
http://www.kb.cert.org/vuls/id/566724third-party-advisory, x_refsource_CERT-VN
http://www.securitytracker.com/id/1034258vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/78047vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1034255vdb-entry, x_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-civendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1034257vdb-entry, x_refsource_SECTRACK
http://www.securitytracker.com/id/1034256vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T07:22:20.764Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "VU#566724",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/566724",
               },
               {
                  name: "1034258",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034258",
               },
               {
                  name: "78047",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/78047",
               },
               {
                  name: "1034255",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034255",
               },
               {
                  name: "20151125 Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci",
               },
               {
                  name: "1034257",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034257",
               },
               {
                  name: "1034256",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034256",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-11-25T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-10-12T14:57:01",
            orgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
            shortName: "cisco",
         },
         references: [
            {
               name: "VU#566724",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/566724",
            },
            {
               name: "1034258",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034258",
            },
            {
               name: "78047",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/78047",
            },
            {
               name: "1034255",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034255",
            },
            {
               name: "20151125 Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci",
            },
            {
               name: "1034257",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034257",
            },
            {
               name: "1034256",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034256",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@cisco.com",
               ID: "CVE-2015-6358",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "VU#566724",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/566724",
                  },
                  {
                     name: "1034258",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1034258",
                  },
                  {
                     name: "78047",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/78047",
                  },
                  {
                     name: "1034255",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1034255",
                  },
                  {
                     name: "20151125 Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability",
                     refsource: "CISCO",
                     url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci",
                  },
                  {
                     name: "1034257",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1034257",
                  },
                  {
                     name: "1034256",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1034256",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633",
      assignerShortName: "cisco",
      cveId: "CVE-2015-6358",
      datePublished: "2017-10-12T15:00:00",
      dateReserved: "2015-08-17T00:00:00",
      dateUpdated: "2024-08-06T07:22:20.764Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}