Vulnerability CVE-2015-6358


Published: 2017-10-12   Modified: 2017-11-03

Description:
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

Vendor: Cisco
Product: Rtp300 firmware 
Version: 3.1.24;
Product: Wap2000 firmware 
Version: 2.0.8.0;
Product: Wet200 firmware 
Version: 2.0.8.0;
Product: Wap4410n firmware 
Version: 2.0.7.8;
Product: Wap200 firmware 
Version: 2.0.6.0;
Product: Rvs4000 firmware 
Version: 2.0.3.4;
Product: Srw224p firmware 
Version: 2.0.2.4;
Product: Wrvs4400n firmware 
Version: 2.0.2.2;
Product: Wrv210 firmware 
Version: 2.0.1.5;
Product: Rv320 firmware 
Version: 1.3.1.10;
Product: Rv325 firmware 
Version: 1.3.1.10;
Product: Srp520-u firmware 
Version: 1.2.6;
Product: Pvc2300 firmware 
Version: 1.1.2.6;
Product: Wvc2300 firmware 
Version: 1.1.2.6;
Product: Spa400 firmware 
Version: 1.1.2.2;
Product: Srp520 firmware 
Version: 1.01.29;
Product: Rv315w firmware 
Version: 1.01.03;
Product: Rv120w firmware 
Version: 1.0.5.9;
Product: Rv180 firmware 
Version: 1.0.5.4;
Product: Rv180w firmware 
Version: 1.0.5.4;
Product: Rv220w firmware 
Version: 1.0.4.17;
Product: Wrv200 firmware 
Version: 1.0.39;
Product: Wrp500 firmware 
Version: 1.0.1.002;
Product: Wap4400n firmware 

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci
http://www.kb.cert.org/vuls/id/566724
http://www.securityfocus.com/bid/78047
http://www.securitytracker.com/id/1034255
http://www.securitytracker.com/id/1034256
http://www.securitytracker.com/id/1034257
http://www.securitytracker.com/id/1034258

Related CVE
CVE-2017-12372
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12371
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12370
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12369
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user w...
CVE-2017-12368
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing ...
CVE-2017-12367
A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a us...
CVE-2017-12366
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some param...
CVE-2017-12365
A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to vie...

Copyright 2017, cxsecurity.com

 

Back to Top