CVE-2015-6358

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

CVSS v3.0 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securitytracker.com/id/1034258	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034257	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034256	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034255	Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/78047	Third Party Advisory VDB Entry
http://www.kb.cert.org/vuls/id/566724	Third Party Advisory US Government Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci	Issue Tracking Patch Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:cisco:wrv210_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wrv210:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wap4410n:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:cisco:wrv200_firmware:1.0.39:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wrv200:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:cisco:wrvs4400n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:cisco:wap200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wap200:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:cisco:wvc2300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wvc2300:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:cisco:pvc2300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:pvc2300:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:cisco:srw224p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:srw224p:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:cisco:wet200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wet200:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:cisco:wap2000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wap2000:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:cisco:wap4400n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wap4400n:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:cisco:rv120w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv120w:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:cisco:rv180_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv180:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:cisco:rv180w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv180w:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:cisco:rv315w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv315w:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:cisco:srp520_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:srp520:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:cisco:srp520-u_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:srp520-u:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:cisco:wrp500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:wrp500:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:cisco:spa400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:spa400:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:cisco:rtp300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rtp300:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:cisco:rv220w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv220w:-:*:*:*:*:*:*:*

Information

Published : 2017-10-12 08:29

Updated : 2017-11-03 09:46

NVD link : CVE-2015-6358

Mitre link : CVE-2015-6358

JSON object : View

CWE

CWE-295

Improper Certificate Validation

Products Affected

cisco

spa400
rv120w
rv220w_firmware
wap4400n_firmware
srp520
pvc2300_firmware
wrv200_firmware
wap200
srp520-u_firmware
wvc2300
srw224p_firmware
rv325
wrv210
rv320
rtp300_firmware
wrvs4400n
wrp500
wvc2300_firmware
wap4400n
rv180w_firmware
rv315w
wrv200
rvs4000
srw224p
wet200
spa400_firmware
wrv210_firmware
wap2000
wap4410n
wap2000_firmware
rv320_firmware
srp520_firmware
wap4410n_firmware
srp520-u
rv180_firmware
rv325_firmware
wap200_firmware
rv180
rtp300
rvs4000_firmware
rv120w_firmware
pvc2300
wrvs4400n_firmware
wet200_firmware
rv315w_firmware
wrp500_firmware
rv180w
rv220w

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2015-6358

5.9^/10

4.3^/10

Attach tags to `CVE-2015-6358`