Lucene search

CiscoCVE-2015-4217

HistoryJun 26, 2015 - 10:59 a.m.

CVE-2015-4217

2015-06-2610:59:04

CWE-200

CWE-310

cisco

web.nvd.nist.gov

cve-2015-4217

cisco

web security

virtual appliance

email security

ssh

cryptographic protection

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.002

Percentile

58.7%

JSON

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers’ installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

Affected configurations

Nvd

Node

ciscocontent_security_management_virtual_applianceMatch8.4.0.0150

ciscocontent_security_management_virtual_applianceMatch9.0.0.087

ciscoemail_security_virtual_applianceMatch8.0.0

ciscoemail_security_virtual_applianceMatch8.5.6

ciscoemail_security_virtual_applianceMatch8.5.7

ciscoemail_security_virtual_applianceMatch9.0.0

ciscoweb_security_virtual_applianceMatch7.7.5

ciscoweb_security_virtual_applianceMatch8.0.5

ciscoweb_security_virtual_applianceMatch8.5.0

ciscoweb_security_virtual_applianceMatch8.5.1

ciscoweb_security_virtual_applianceMatch8.6.0

ciscoweb_security_virtual_applianceMatch8.7.0

VendorProductVersionCPE
ciscocontent_security_management_virtual_appliance8.4.0.0150cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*
ciscocontent_security_management_virtual_appliance9.0.0.087cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*
ciscoemail_security_virtual_appliance8.0.0cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*
ciscoemail_security_virtual_appliance8.5.6cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*
ciscoemail_security_virtual_appliance8.5.7cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*
ciscoemail_security_virtual_appliance9.0.0cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*
ciscoweb_security_virtual_appliance7.7.5cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*
ciscoweb_security_virtual_appliance8.0.5cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*
ciscoweb_security_virtual_appliance8.5.0cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*
ciscoweb_security_virtual_appliance8.5.1cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	content_security_management_virtual_appliance	8.4.0.0150	cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:::::::*
cisco	content_security_management_virtual_appliance	9.0.0.087	cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:::::::*
cisco	email_security_virtual_appliance	8.0.0	cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:::::::*
cisco	email_security_virtual_appliance	8.5.6	cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:::::::*
cisco	email_security_virtual_appliance	8.5.7	cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:::::::*
cisco	email_security_virtual_appliance	9.0.0	cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:::::::*
cisco	web_security_virtual_appliance	7.7.5	cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:::::::*
cisco	web_security_virtual_appliance	8.0.5	cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:::::::*
cisco	web_security_virtual_appliance	8.5.0	cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:::::::*
cisco	web_security_virtual_appliance	8.5.1	cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:::::::*