cvelistv5 - cve-2015-6418

CVE-2015-6418 (GCVE-0-2015-6418)

Vulnerability from cvelistv5 – Published: 2015-12-13 02:00 – Updated: 2024-08-06 07:22

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1034408	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1034409	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/78876	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:22:21.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
          },
          {
            "name": "1034408",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034408"
          },
          {
            "name": "1034409",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1034409"
          },
          {
            "name": "78876",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/78876"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
        },
        {
          "name": "1034408",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034408"
        },
        {
          "name": "1034409",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1034409"
        },
        {
          "name": "78876",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/78876"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6418",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
            },
            {
              "name": "1034408",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034408"
            },
            {
              "name": "1034409",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1034409"
            },
            {
              "name": "78876",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/78876"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2015-6418",
    "datePublished": "2015-12-13T02:00:00",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:22:21.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5242A08F-0736-4FAC-B015-46BBF1115B08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6B17623-8183-4C2C-A1BD-1654200D6AC3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7D2641C-CCFF-411A-96B4-F8823F4B4BA5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C8A650F-4509-4632-92D3-72C412A49012\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC822B95-469E-4DB8-A1C0-B4AAA3D3644F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"487B2A80-30AD-45F8-A46D-21E04888F3EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00D012E7-A12E-44ED-8173-C8B254902886\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"303C48D9-1069-486B-8933-F51DFC82EDAC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5F4636E-25F8-40E3-909F-CB9B93E290E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDB96FF7-13B9-482F-85E7-C1C68287CF41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF1CDD04-A345-4982-A055-BBC990873C4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C92A1CD-5AE8-421E-A813-A2738219B673\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.\"}, {\"lang\": \"es\", \"value\": \"El generador de n\\u00famero aleatorio en routers Cisco Small Business RV 4.x y dispositivos de seguridad SA500 2.2.07 no tiene suficiente entrop\\u00eda, lo que hace que sea m\\u00e1s f\\u00e1cil para atacantes remotos determinar un par de claves TLS a trav\\u00e9s de computaciones no especificadas sobre datos de intercambio de clave en el apret\\u00f3n de manos, tambi\\u00e9n conocido como Bug ID CSCus15224.\"}]",
      "id": "CVE-2015-6418",
      "lastModified": "2024-11-21T02:34:57.660",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2015-12-13T03:59:09.477",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/78876\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1034408\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1034409\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/78876\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1034408\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1034409\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2015-6418\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-12-13T03:59:09.477\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.\"},{\"lang\":\"es\",\"value\":\"El generador de n\u00famero aleatorio en routers Cisco Small Business RV 4.x y dispositivos de seguridad SA500 2.2.07 no tiene suficiente entrop\u00eda, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos determinar un par de claves TLS a trav\u00e9s de computaciones no especificadas sobre datos de intercambio de clave en el apret\u00f3n de manos, tambi\u00e9n conocido como Bug ID CSCus15224.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5242A08F-0736-4FAC-B015-46BBF1115B08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6B17623-8183-4C2C-A1BD-1654200D6AC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7D2641C-CCFF-411A-96B4-F8823F4B4BA5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C8A650F-4509-4632-92D3-72C412A49012\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC822B95-469E-4DB8-A1C0-B4AAA3D3644F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"487B2A80-30AD-45F8-A46D-21E04888F3EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00D012E7-A12E-44ED-8173-C8B254902886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"303C48D9-1069-486B-8933-F51DFC82EDAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5F4636E-25F8-40E3-909F-CB9B93E290E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB96FF7-13B9-482F-85E7-C1C68287CF41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF1CDD04-A345-4982-A055-BBC990873C4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C92A1CD-5AE8-421E-A813-A2738219B673\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/78876\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1034408\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1034409\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/78876\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034408\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1034409\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2015-6418

Vulnerability from fkie_nvd - Published: 2015-12-13 03:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/78876
psirt@cisco.com	http://www.securitytracker.com/id/1034408
psirt@cisco.com	http://www.securitytracker.com/id/1034409
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/78876
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034408
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034409

Impacted products

Vendor	Product	Version
cisco	sa520	2.2.07
cisco	sa520w	2.2.07
cisco	sa540	2.2.07
cisco	rv016_multi-wan_vpn_firmware	4.0.0.7
cisco	rv016_multi-wan_vpn_firmware	4.0.2.8
cisco	rv016_multi-wan_vpn_firmware	4.0.5.0
cisco	rv042_dual_wan_vpn_router_firmware	4.0.2.8
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.0.0.7
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.2.2.7
cisco	rv042g_dual_gigabit_wan_vpn_firmware	4.2.2.8
cisco	rv082_dual_wan_vpn_router_firmware	4.0.0.7
cisco	rv082_dual_wan_vpn_router_firmware	4.0.2.8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "5242A08F-0736-4FAC-B015-46BBF1115B08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B17623-8183-4C2C-A1BD-1654200D6AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7D2641C-CCFF-411A-96B4-F8823F4B4BA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C8A650F-4509-4632-92D3-72C412A49012",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC822B95-469E-4DB8-A1C0-B4AAA3D3644F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "487B2A80-30AD-45F8-A46D-21E04888F3EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D012E7-A12E-44ED-8173-C8B254902886",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "303C48D9-1069-486B-8933-F51DFC82EDAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5F4636E-25F8-40E3-909F-CB9B93E290E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB96FF7-13B9-482F-85E7-C1C68287CF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF1CDD04-A345-4982-A055-BBC990873C4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C92A1CD-5AE8-421E-A813-A2738219B673",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
    },
    {
      "lang": "es",
      "value": "El generador de n\u00famero aleatorio en routers Cisco Small Business RV 4.x y dispositivos de seguridad SA500 2.2.07 no tiene suficiente entrop\u00eda, lo que hace que sea m\u00e1s f\u00e1cil para atacantes remotos determinar un par de claves TLS a trav\u00e9s de computaciones no especificadas sobre datos de intercambio de clave en el apret\u00f3n de manos, tambi\u00e9n conocido como Bug ID CSCus15224."
    }
  ],
  "id": "CVE-2015-6418",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-13T03:59:09.477",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/78876"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034408"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1034409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/78876"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034408"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034409"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-9RCV-P8FH-P3CH

Vulnerability from github – Published: 2022-05-17 03:26 – Updated: 2022-05-17 03:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6418"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-12-13T03:59:00Z",
    "severity": "MODERATE"
  },
  "details": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.",
  "id": "GHSA-9rcv-p8fh-p3ch",
  "modified": "2022-05-17T03:26:33Z",
  "published": "2022-05-17T03:26:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6418"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/78876"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034408"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034409"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2015-6418

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2015-6418

Aliases

CVE-2015-6418

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6418",
    "description": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.",
    "id": "GSD-2015-6418"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6418"
      ],
      "details": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.",
      "id": "GSD-2015-6418",
      "modified": "2023-12-13T01:20:04.087220Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2015-6418",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
          },
          {
            "name": "1034408",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034408"
          },
          {
            "name": "1034409",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034409"
          },
          {
            "name": "78876",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/78876"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2015-6418"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20151210 Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr"
            },
            {
              "name": "78876",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/78876"
            },
            {
              "name": "1034409",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034409"
            },
            {
              "name": "1034408",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034408"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-12-07T18:20Z",
      "publishedDate": "2015-12-13T03:59Z"
    }
  }
}

VAR-201512-0393

Vulnerability from variot - Updated: 2023-12-18 13:24

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224. Vendors have confirmed this vulnerability Bug ID CSCus15224 It is released as.Through unspecified calculations in the handshake of key exchange data by a third party, TLS Key pairs may be identified. The Cisco Small Business RV Series Routers provide virtual private network technology remotely. An attacker can exploit this issue to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. This issue is being tracked by following Cisco Bug IDs: CSCus15224 CSCus15238 CSCus15436 CSCus15440 CSCus15446 CSCus15451 CSCus15463

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0393",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "rv082 dual wan vpn router",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "cisco",
        "version": "4.0.2.8"
      },
      {
        "model": "rv082 dual wan vpn router",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "cisco",
        "version": "4.0.0.7"
      },
      {
        "model": "rv042 dual wan vpn router",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "cisco",
        "version": "4.0.2.8"
      },
      {
        "model": "sa520",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "rv016 multi-wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0.0.7"
      },
      {
        "model": "rv042g dual gigabit wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.2.8"
      },
      {
        "model": "sa540",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "rv042g dual gigabit wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0.0.7"
      },
      {
        "model": "rv016 multi-wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0.5.0"
      },
      {
        "model": "rv042g dual gigabit wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.2.2.7"
      },
      {
        "model": "sa520w",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "rv016 multi-wan vpn",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0.2.8"
      },
      {
        "model": "rv042g dual gigabit wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.2.2.8"
      },
      {
        "model": "rv042g dual gigabit wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.2.2.7"
      },
      {
        "model": "rv042g dual gigabit wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.2.1.2"
      },
      {
        "model": "rv016 multi-wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.0.5.0"
      },
      {
        "model": "rv016 multi-wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.0.2.8"
      },
      {
        "model": "rv016 multi-wan vpn router",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "4.0.0.7"
      },
      {
        "model": "sa520 security appliance",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "sa520w security appliance",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "sa540 security appliance",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.2.07"
      },
      {
        "model": "small business rv",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.x"
      },
      {
        "model": "sa540 security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.7"
      },
      {
        "model": "sa520w security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.7"
      },
      {
        "model": "sa520 security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.7"
      },
      {
        "model": "rv082 dual wan vpn router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2.2.8"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "BID",
        "id": "78876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa520:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa540:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:cisco:sa520w:2.2.07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv082_dual_wan_vpn_router_firmware:4.0.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv016_multi-wan_vpn_firmware:4.0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:rv042g_dual_gigabit_wan_vpn_firmware:4.2.2.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "78876"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-6418",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2015-6418",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.8,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2015-08068",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-84379",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2015-6418",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-08068",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201512-401",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-84379",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2015-6418",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224. Vendors have confirmed this vulnerability Bug ID CSCus15224 It is released as.Through unspecified calculations in the handshake of key exchange data by a third party, TLS Key pairs may be identified. The Cisco Small Business RV Series Routers provide virtual private network technology remotely. \nAn attacker can exploit this issue to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. \nThis issue is being tracked by following Cisco Bug IDs:\nCSCus15224\nCSCus15238\nCSCus15436\nCSCus15440\nCSCus15446\nCSCus15451\nCSCus15463",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "BID",
        "id": "78876"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2015-6418",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "78876",
        "trust": 2.1
      },
      {
        "db": "SECTRACK",
        "id": "1034409",
        "trust": 1.2
      },
      {
        "db": "SECTRACK",
        "id": "1034408",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "db": "BID",
        "id": "78876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "id": "VAR-201512-0393",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      }
    ],
    "trust": 1.2871463342857141
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:24:40.181000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20151210-dwvr",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151210-dwvr"
      },
      {
        "title": "Patch for Cisco Small Business RV Router Information Disclosure Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/68148"
      },
      {
        "title": "Cisco Small Business RV Series Routers  and SA500 Series Security Appliances Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59216"
      },
      {
        "title": "Cisco: Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20151210-dwvr"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151210-dwvr"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/78876"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1034408"
      },
      {
        "trust": 1.2,
        "url": "http://www.securitytracker.com/id/1034409"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6418"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6418"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/200.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "db": "BID",
        "id": "78876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "db": "BID",
        "id": "78876"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-12-11T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "date": "2015-12-13T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "date": "2015-12-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "date": "2015-12-10T00:00:00",
        "db": "BID",
        "id": "78876"
      },
      {
        "date": "2015-12-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "date": "2015-12-13T03:59:09.477000",
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "date": "2015-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-08068"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-84379"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2015-6418"
      },
      {
        "date": "2015-12-10T00:00:00",
        "db": "BID",
        "id": "78876"
      },
      {
        "date": "2015-12-16T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      },
      {
        "date": "2016-12-07T18:20:12.883000",
        "db": "NVD",
        "id": "CVE-2015-6418"
      },
      {
        "date": "2015-12-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Small Business RV Router and  SA500 Security Appliance In the random number generator running on  TLS Vulnerabilities that identify key pairs",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006398"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201512-401"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2015-08068

Vulnerability from cnvd - Published: 2015-12-11

Title

Cisco Small Business RV路由器信息泄露漏洞

Description

Cisco Small Business RV系列路由器可提供虚拟专用网络技术远程。 Cisco Small Business RV路由器4.x、SA500安全设备2.2.07版本随机数生成器未能有效的熵，可使远程攻击者通过握手密钥交换数据的计算，确定TLS密钥对。

Severity

高

Patch Name

Cisco Small Business RV路由器信息泄露漏洞的补丁

Patch Description

Cisco Small Business RV系列路由器可提供虚拟专用网络技术远程。 Cisco Small Business RV路由器4.x、SA500安全设备2.2.07版本随机数生成器未能有效的熵，可使远程攻击者通过握手密钥交换数据的计算，确定TLS密钥对。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

Cisco已经为此发布了一个安全公告（cisco-sa-20151210-dwvr）以及相应补丁: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr

Impacted products

Name
Cisco Small Business RV 4.x

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "78876"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6418"
    }
  },
  "description": "Cisco Small Business RV\u7cfb\u5217\u8def\u7531\u5668\u53ef\u63d0\u4f9b\u865a\u62df\u4e13\u7528\u7f51\u7edc\u6280\u672f\u8fdc\u7a0b\u3002\r\n\r\nCisco Small Business RV\u8def\u7531\u56684.x\u3001SA500\u5b89\u5168\u8bbe\u59072.2.07\u7248\u672c\u968f\u673a\u6570\u751f\u6210\u5668\u672a\u80fd\u6709\u6548\u7684\u71b5\uff0c\u53ef\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u63e1\u624b\u5bc6\u94a5\u4ea4\u6362\u6570\u636e\u7684\u8ba1\u7b97\uff0c\u786e\u5b9aTLS\u5bc6\u94a5\u5bf9\u3002",
  "discovererName": "Cisco",
  "formalWay": "Cisco\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08cisco-sa-20151210-dwvr\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-08068",
  "openTime": "2015-12-11",
  "patchDescription": "Cisco Small Business RV\u7cfb\u5217\u8def\u7531\u5668\u53ef\u63d0\u4f9b\u865a\u62df\u4e13\u7528\u7f51\u7edc\u6280\u672f\u8fdc\u7a0b\u3002\r\n\r\nCisco Small Business RV\u8def\u7531\u56684.x\u3001SA500\u5b89\u5168\u8bbe\u59072.2.07\u7248\u672c\u968f\u673a\u6570\u751f\u6210\u5668\u672a\u80fd\u6709\u6548\u7684\u71b5\uff0c\u53ef\u4f7f\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u63e1\u624b\u5bc6\u94a5\u4ea4\u6362\u6570\u636e\u7684\u8ba1\u7b97\uff0c\u786e\u5b9aTLS\u5bc6\u94a5\u5bf9\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Small Business RV\u8def\u7531\u5668\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco Small Business RV 4.x"
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr",
  "serverity": "\u9ad8",
  "submitTime": "2015-12-10",
  "title": "Cisco Small Business RV\u8def\u7531\u5668\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-6418 (GCVE-0-2015-6418)

FKIE_CVE-2015-6418

GHSA-9RCV-P8FH-P3CH

GSD-2015-6418

VAR-201512-0393

CNVD-2015-08068

Tags

Sightings

Nomenclature