cvelistv5 - cve-2015-4216

CVE-2015-4216 (GCVE-0-2015-4216)

Vulnerability from cvelistv5 – Published: 2015-06-26 10:00 – Updated: 2024-08-06 06:11

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1032725	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1032726	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/75417	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T06:11:11.761Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
          },
          {
            "name": "1032725",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032725"
          },
          {
            "name": "1032726",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032726"
          },
          {
            "name": "75417",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75417"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-23T18:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
        },
        {
          "name": "1032725",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032725"
        },
        {
          "name": "1032726",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1032726"
        },
        {
          "name": "75417",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75417"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-4216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
            },
            {
              "name": "1032725",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032725"
            },
            {
              "name": "1032726",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1032726"
            },
            {
              "name": "75417",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75417"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-4216",
    "datePublished": "2015-06-26T10:00:00",
    "dateReserved": "2015-06-04T00:00:00",
    "dateUpdated": "2024-08-06T06:11:11.761Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7CC2842-66AE-4738-BF49-F491B4E1EF7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE947E42-6952-49E4-9674-5C8E0900E3BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A560D3EA-57DF-48A9-B7A1-957C226C625B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F44102CA-6BE5-42AD-910B-3A0BA911FB53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C7E609D-0414-40AD-BD7D-D708C3B36986\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C699F035-7418-4344-8FDE-7C180176186D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABB49075-4E5C-46F2-8436-0A7BA7161972\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048F0725-C1B9-4D21-B7FE-2E81E72CFBD3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7837ACC-B42E-4099-BF9F-87523637C91A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"715190B6-9EBD-42DB-98B7-3FD410536F97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E063B3C2-53CE-4732-8482-6A4B8EF0D02E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"675388FE-6B3D-4C90-BFB4-B997DDF47AB2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.\"}, {\"lang\": \"es\", \"value\": \"La caracter\\u00edstica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utiliza la misma clave autorizada de root SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos evadir la autenticaci\\u00f3n mediante el aprovechamiento de conocimiento de una clave privada de otra instalaci\\u00f3n, tambi\\u00e9n conocido como Bug IDs CSCuu95988, CSCuu95994, y CSCuu96630.\"}]",
      "id": "CVE-2015-4216",
      "lastModified": "2024-11-21T02:30:39.123",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-06-26T10:59:03.327",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/75417\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032725\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032726\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/75417\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032725\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1032726\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-4216\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-06-26T10:59:03.327\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.\"},{\"lang\":\"es\",\"value\":\"La caracter\u00edstica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utiliza la misma clave autorizada de root SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos evadir la autenticaci\u00f3n mediante el aprovechamiento de conocimiento de una clave privada de otra instalaci\u00f3n, tambi\u00e9n conocido como Bug IDs CSCuu95988, CSCuu95994, y CSCuu96630.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7CC2842-66AE-4738-BF49-F491B4E1EF7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE947E42-6952-49E4-9674-5C8E0900E3BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A560D3EA-57DF-48A9-B7A1-957C226C625B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F44102CA-6BE5-42AD-910B-3A0BA911FB53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C7E609D-0414-40AD-BD7D-D708C3B36986\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C699F035-7418-4344-8FDE-7C180176186D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABB49075-4E5C-46F2-8436-0A7BA7161972\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048F0725-C1B9-4D21-B7FE-2E81E72CFBD3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7837ACC-B42E-4099-BF9F-87523637C91A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"715190B6-9EBD-42DB-98B7-3FD410536F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E063B3C2-53CE-4732-8482-6A4B8EF0D02E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"675388FE-6B3D-4C90-BFB4-B997DDF47AB2\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75417\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032725\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032726\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/75417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1032726\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

GHSA-775R-5J4X-P42J

Vulnerability from github – Published: 2022-05-17 03:14 – Updated: 2022-05-17 03:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-4216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-06-26T10:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.",
  "id": "GHSA-775r-5j4x-p42j",
  "modified": "2022-05-17T03:14:01Z",
  "published": "2022-05-17T03:14:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4216"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/75417"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032725"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1032726"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201506-0304

Vulnerability from variot - Updated: 2023-12-18 13:03

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630. SSH of root There is a vulnerability that bypasses authentication because it uses the same key that was authenticated with. Vendors have confirmed this vulnerability Bug ID CSCuu95988 , CSCuu95994 ,and CSCuu96630 It is released as.Authentication may be avoided by using a private key information obtained from another customer's installation by a third party. Multiple Cisco products are prone to a privilege-escalation vulnerability. This issue is being tracked by Cisco Bug ID's CSCuu95988, CSCuu95994, and CSCuu96630

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201506-0304",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "8.0.5"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "7.7.5"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "8.5.7"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "8.5.6"
      },
      {
        "model": "content security management virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "9.0.0.087"
      },
      {
        "model": "content security management virtual appliance",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "8.4.0.0150"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "9.0.0"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.6.0"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0.0"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.7.0"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "8.5.1"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.5.0"
      },
      {
        "model": "e email security virtual appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2015.6.25 earlier"
      },
      {
        "model": "web security virtual appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2015.6.25 earlier"
      },
      {
        "model": "content security management virtual appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2015.6.25 earlier"
      },
      {
        "model": "web security virtual appliance",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "email security virtual appliance",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "security management virtual appliance devices",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2015-06-25"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.7"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.6"
      },
      {
        "model": "web security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "email security virtual appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "BID",
        "id": "75417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "75417"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-4216",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2015-4216",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-04097",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-82177",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-4216",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-04097",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201506-572",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-82177",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630. SSH of root There is a vulnerability that bypasses authentication because it uses the same key that was authenticated with. Vendors have confirmed this vulnerability Bug ID CSCuu95988 , CSCuu95994 ,and CSCuu96630 It is released as.Authentication may be avoided by using a private key information obtained from another customer\u0027s installation by a third party. Multiple Cisco products are prone to a privilege-escalation vulnerability. \nThis issue is being tracked by Cisco Bug ID\u0027s CSCuu95988, CSCuu95994, and CSCuu96630",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "BID",
        "id": "75417"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-4216",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "75417",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1032725",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1032726",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "db": "BID",
        "id": "75417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "id": "VAR-201506-0304",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      }
    ],
    "trust": 1.3790501266666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:03:26.462000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20150625-ironport",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150625-ironport"
      },
      {
        "title": "39462",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39462"
      },
      {
        "title": "cisco-sa-20150625-ironport",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/113/1130/1130064_cisco-sa-20150625-ironport-j.html"
      },
      {
        "title": "Cisco Virtual WSA/ESA/SMA defaults to patching SSH key vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/60160"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150625-ironport"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/75417"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1032725"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1032726"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4216"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4216"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.3,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39462"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "db": "BID",
        "id": "75417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "db": "BID",
        "id": "75417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-06-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "date": "2015-06-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "date": "2015-06-25T00:00:00",
        "db": "BID",
        "id": "75417"
      },
      {
        "date": "2015-06-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "date": "2015-06-26T10:59:03.327000",
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "date": "2015-06-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-06-30T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-04097"
      },
      {
        "date": "2016-12-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-82177"
      },
      {
        "date": "2015-06-25T00:00:00",
        "db": "BID",
        "id": "75417"
      },
      {
        "date": "2015-07-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      },
      {
        "date": "2016-12-28T17:44:57.883000",
        "db": "NVD",
        "id": "CVE-2015-4216"
      },
      {
        "date": "2015-06-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco Vulnerabilities that prevent authentication in the remote support function of security virtual appliances",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-003283"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201506-572"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2015-AVI-266

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Email Security Virtual Appliance (ESAv)
Cisco	N/A	Cisco Web Security Virtual Appliance (WSAv)
Cisco	N/A	Cisco Security Management Virtual Appliance (SMAv)

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20150625-ironport du 25 juin 2015	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20150625-ironport du 25 juin 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Email Security Virtual Appliance (ESAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Virtual Appliance (WSAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Security Management Virtual Appliance (SMAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4216"
    },
    {
      "name": "CVE-2015-4217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4217"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150625-ironport du 25    juin 2015",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
    }
  ],
  "reference": "CERTFR-2015-AVI-266",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-06-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150625-ironport du 25 juin 2015",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-266

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Email Security Virtual Appliance (ESAv)
Cisco	N/A	Cisco Web Security Virtual Appliance (WSAv)
Cisco	N/A	Cisco Security Management Virtual Appliance (SMAv)

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20150625-ironport du 25 juin 2015	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20150625-ironport du 25 juin 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Email Security Virtual Appliance (ESAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Web Security Virtual Appliance (WSAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Security Management Virtual Appliance (SMAv)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2015-4216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4216"
    },
    {
      "name": "CVE-2015-4217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-4217"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150625-ironport du 25    juin 2015",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
    }
  ],
  "reference": "CERTFR-2015-AVI-266",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-06-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Cisco\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20150625-ironport du 25 juin 2015",
      "url": null
    }
  ]
}

CNVD-2015-04097

Vulnerability from cnvd - Published: 2015-06-30

Title

Cisco Virtual WSA/ESA/SMA默认授权SSH密钥漏洞

Description

Cisco Web Security Virtual Appliance（WSAv）、Email Security Virtual Appliance（ESAv）和Security Management Virtual Appliance（SMAv）都是美国思科（Cisco）公司的产品。Cisco WSAv是Web安全设备（WSA）的一个软件版本。ESAv是电子邮件安全设备（ESA）的一个软件版本。SMAv是内容安全管理设备（SMA）的一个软件版本。 Cisco WSAv, ESAv, SMAv设备中，remote-support功能使用了相同的默认SSH root授权密钥，这可使未经身份验证的远程攻击者以root权限访问受影响系统。

Severity

中

Patch Name

Cisco Virtual WSA/ESA/SMA默认授权SSH密钥漏洞的补丁

Patch Description

Formal description

Cisco已经为此发布了一个安全公告（cisco-sa-20150625-ironport）以及相应补丁: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport

Impacted products

Name
['Cisco Web Security Virtual Appliance', 'Cisco Email Security Virtual Appliance (ESAv)', 'Cisco Security Management Virtual Appliance (SMAv) devices <2015-06-25']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-4216"
    }
  },
  "description": "Cisco Web Security Virtual Appliance\uff08WSAv\uff09\u3001Email Security Virtual Appliance\uff08ESAv\uff09\u548cSecurity Management Virtual Appliance\uff08SMAv\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco WSAv\u662fWeb\u5b89\u5168\u8bbe\u5907\uff08WSA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002ESAv\u662f\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u8bbe\u5907\uff08ESA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002SMAv\u662f\u5185\u5bb9\u5b89\u5168\u7ba1\u7406\u8bbe\u5907\uff08SMA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002\r\n\r\nCisco WSAv, ESAv, SMAv\u8bbe\u5907\u4e2d\uff0cremote-support\u529f\u80fd\u4f7f\u7528\u4e86\u76f8\u540c\u7684\u9ed8\u8ba4SSH root\u6388\u6743\u5bc6\u94a5\uff0c\u8fd9\u53ef\u4f7f\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u4ee5root\u6743\u9650\u8bbf\u95ee\u53d7\u5f71\u54cd\u7cfb\u7edf\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20150625-ironport\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-04097",
  "openTime": "2015-06-30",
  "patchDescription": "Cisco Web Security Virtual Appliance\uff08WSAv\uff09\u3001Email Security Virtual Appliance\uff08ESAv\uff09\u548cSecurity Management Virtual Appliance\uff08SMAv\uff09\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Cisco WSAv\u662fWeb\u5b89\u5168\u8bbe\u5907\uff08WSA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002ESAv\u662f\u7535\u5b50\u90ae\u4ef6\u5b89\u5168\u8bbe\u5907\uff08ESA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002SMAv\u662f\u5185\u5bb9\u5b89\u5168\u7ba1\u7406\u8bbe\u5907\uff08SMA\uff09\u7684\u4e00\u4e2a\u8f6f\u4ef6\u7248\u672c\u3002\r\n\r\nCisco WSAv, ESAv, SMAv\u8bbe\u5907\u4e2d\uff0cremote-support\u529f\u80fd\u4f7f\u7528\u4e86\u76f8\u540c\u7684\u9ed8\u8ba4SSH root\u6388\u6743\u5bc6\u94a5\uff0c\u8fd9\u53ef\u4f7f\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u4ee5root\u6743\u9650\u8bbf\u95ee\u53d7\u5f71\u54cd\u7cfb\u7edf\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Virtual WSA/ESA/SMA\u9ed8\u8ba4\u6388\u6743SSH\u5bc6\u94a5\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Web Security Virtual Appliance",
      "Cisco Email Security Virtual Appliance (ESAv)",
      "Cisco Security Management Virtual Appliance (SMAv) devices \u003c2015-06-25"
    ]
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport",
  "serverity": "\u4e2d",
  "submitTime": "2015-06-29",
  "title": "Cisco Virtual WSA/ESA/SMA\u9ed8\u8ba4\u6388\u6743SSH\u5bc6\u94a5\u6f0f\u6d1e"
}

GSD-2015-4216

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2015-4216

Aliases

CVE-2015-4216

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-4216",
    "description": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.",
    "id": "GSD-2015-4216"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-4216"
      ],
      "details": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.",
      "id": "GSD-2015-4216",
      "modified": "2023-12-13T01:19:59.478591Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-4216",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
          },
          {
            "name": "1032725",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032725"
          },
          {
            "name": "1032726",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1032726"
          },
          {
            "name": "75417",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/75417"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-4216"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
            },
            {
              "name": "75417",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/75417"
            },
            {
              "name": "1032726",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1032726"
            },
            {
              "name": "1032725",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1032725"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-28T17:44Z",
      "publishedDate": "2015-06-26T10:59Z"
    }
  }
}

FKIE_CVE-2015-4216

Vulnerability from fkie_nvd - Published: 2015-06-26 10:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/75417	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1032725	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id/1032726	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/75417	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032725	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032726	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	content_security_management_virtual_appliance	8.4.0.0150
cisco	content_security_management_virtual_appliance	9.0.0.087
cisco	email_security_virtual_appliance	8.0.0
cisco	email_security_virtual_appliance	8.5.6
cisco	email_security_virtual_appliance	8.5.7
cisco	email_security_virtual_appliance	9.0.0
cisco	web_security_virtual_appliance	7.7.5
cisco	web_security_virtual_appliance	8.0.5
cisco	web_security_virtual_appliance	8.5.0
cisco	web_security_virtual_appliance	8.5.1
cisco	web_security_virtual_appliance	8.6.0
cisco	web_security_virtual_appliance	8.7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7CC2842-66AE-4738-BF49-F491B4E1EF7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE947E42-6952-49E4-9674-5C8E0900E3BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A560D3EA-57DF-48A9-B7A1-957C226C625B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44102CA-6BE5-42AD-910B-3A0BA911FB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C7E609D-0414-40AD-BD7D-D708C3B36986",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C699F035-7418-4344-8FDE-7C180176186D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABB49075-4E5C-46F2-8436-0A7BA7161972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "048F0725-C1B9-4D21-B7FE-2E81E72CFBD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7837ACC-B42E-4099-BF9F-87523637C91A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "715190B6-9EBD-42DB-98B7-3FD410536F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E063B3C2-53CE-4732-8482-6A4B8EF0D02E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "675388FE-6B3D-4C90-BFB4-B997DDF47AB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utiliza la misma clave autorizada de root SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos evadir la autenticaci\u00f3n mediante el aprovechamiento de conocimiento de una clave privada de otra instalaci\u00f3n, tambi\u00e9n conocido como Bug IDs CSCuu95988, CSCuu95994, y CSCuu96630."
    }
  ],
  "id": "CVE-2015-4216",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-06-26T10:59:03.327",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75417"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032725"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032726"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/75417"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1032726"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-4216 (GCVE-0-2015-4216)

GHSA-775R-5J4X-P42J

VAR-201506-0304

CERTFR-2015-AVI-266

Solution

CERTFR-2015-AVI-266

Solution

CNVD-2015-04097

GSD-2015-4216

FKIE_CVE-2015-4216

Tags

Sightings

Nomenclature