CVE-2015-4216
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.
La característica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utiliza la misma clave autorizada de root SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos evadir la autenticación mediante el aprovechamiento de conocimiento de una clave privada de otra instalación, también conocido como Bug IDs CSCuu95988, CSCuu95994, y CSCuu96630.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-06-04 CVE Reserved
- 2015-06-26 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75417 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032725 | Third Party Advisory | |
| http://www.securitytracker.com/id/1032726 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport | 2016-12-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Content Security Management Virtual Appliance Search vendor "Cisco" for product "Content Security Management Virtual Appliance" | 8.4.0.0150 Search vendor "Cisco" for product "Content Security Management Virtual Appliance" and version "8.4.0.0150" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Content Security Management Virtual Appliance Search vendor "Cisco" for product "Content Security Management Virtual Appliance" | 9.0.0.087 Search vendor "Cisco" for product "Content Security Management Virtual Appliance" and version "9.0.0.087" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Virtual Appliance Search vendor "Cisco" for product "Email Security Virtual Appliance" | 8.0.0 Search vendor "Cisco" for product "Email Security Virtual Appliance" and version "8.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Virtual Appliance Search vendor "Cisco" for product "Email Security Virtual Appliance" | 8.5.6 Search vendor "Cisco" for product "Email Security Virtual Appliance" and version "8.5.6" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Virtual Appliance Search vendor "Cisco" for product "Email Security Virtual Appliance" | 8.5.7 Search vendor "Cisco" for product "Email Security Virtual Appliance" and version "8.5.7" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Virtual Appliance Search vendor "Cisco" for product "Email Security Virtual Appliance" | 9.0.0 Search vendor "Cisco" for product "Email Security Virtual Appliance" and version "9.0.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 7.7.5 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "7.7.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 8.0.5 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "8.0.5" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 8.5.0 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "8.5.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 8.5.1 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "8.5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 8.6.0 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "8.6.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Web Security Virtual Appliance Search vendor "Cisco" for product "Web Security Virtual Appliance" | 8.7.0 Search vendor "Cisco" for product "Web Security Virtual Appliance" and version "8.7.0" | - |
Affected
| ||||||