
CVE-2015-6358

 

  • Severity Score: 5.9 (*CVSS v3)
  • Exploit Likelihood (*EPSS):
  • Affected Versions (*CPE):
  • Public Exploits: 0 (*Multiple Sources)
  • Exploited in Wild: - (*KEV)
  • Decision: - (*SSVC)

Descriptions

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

Multiple devices with embedded Cisco software use hardcoded X.509 certificates and hardcoded SSH host keys in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle (MitM) attacks by knowing these certificates and keys from another installation. This is also known by the following Bug IDs: CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

*Credits: N/A
CVSS Scores
CVSS v3
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: None
  • Availability: None
CVSS v2
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: None
  • Availability: None
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2015-08-17 CVE Reserved
  • 2017-10-12 CVE Published
  • 2024-01-16 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-295: Improper Certificate Validation
CAPEC
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Rv320 Firmware | <= 1.3.1.10 | - | Affected | in | Cisco | Rv320 | - | - | Safe |
| Cisco | Rv325 Firmware | <= 1.3.1.10 | - | Affected | in | Cisco | Rv325 | - | - | Safe |
| Cisco | Rvs4000 Firmware | <= 2.0.3.4 | - | Affected | in | Cisco | Rvs4000 | - | - | Safe |
| Cisco | Wrv210 Firmware | <= 2.0.1.5 | - | Affected | in | Cisco | Wrv210 | - | - | Safe |
| Cisco | Wap4410n Firmware | <= 2.0.7.8 | - | Affected | in | Cisco | Wap4410n | - | - | Safe |
| Cisco | Wrv200 Firmware | 1.0.39 | - | Affected | in | Cisco | Wrv200 | - | - | Safe |
| Cisco | Wrvs4400n Firmware | <= 2.0.2.2 | - | Affected | in | Cisco | Wrvs4400n | - | - | Safe |
| Cisco | Wap200 Firmware | <= 2.0.6.0 | - | Affected | in | Cisco | Wap200 | - | - | Safe |
| Cisco | Wvc2300 Firmware | <= 1.1.2.6 | - | Affected | in | Cisco | Wvc2300 | - | - | Safe |
| Cisco | Pvc2300 Firmware | <= 1.1.2.6 | - | Affected | in | Cisco | Pvc2300 | - | - | Safe |
| Cisco | Srw224p Firmware | <= 2.0.2.4 | - | Affected | in | Cisco | Srw224p | - | - | Safe |
| Cisco | Wet200 Firmware | <= 2.0.8.0 | - | Affected | in | Cisco | Wet200 | - | - | Safe |
| Cisco | Wap2000 Firmware | <= 2.0.8.0 | - | Affected | in | Cisco | Wap2000 | - | - | Safe |
| Cisco | Wap4400n Firmware | * | - | Affected | in | Cisco | Wap4400n | - | - | Safe |
| Cisco | Rv120w Firmware | <= 1.0.5.9 | - | Affected | in | Cisco | Rv120w | - | - | Safe |
| Cisco | Rv180 Firmware | <= 1.0.5.4 | - | Affected | in | Cisco | Rv180 | - | - | Safe |
| Cisco | Rv180w Firmware | <= 1.0.5.4 | - | Affected | in | Cisco | Rv180w | - | - | Safe |
| Cisco | Rv315w Firmware | <= 1.01.03 | - | Affected | in | Cisco | Rv315w | - | - | Safe |
| Cisco | Srp520 Firmware | <= 1.01.29 | - | Affected | in | Cisco | Srp520 | - | - | Safe |
| Cisco | Srp520-u Firmware | <= 1.2.6 | - | Affected | in | Cisco | Srp520-u | - | - | Safe |
| Cisco | Wrp500 Firmware | <= 1.0.1.002 | - | Affected | in | Cisco | Wrp500 | - | - | Safe |
| Cisco | Spa400 Firmware | <= 1.1.2.2 | - | Affected | in | Cisco | Spa400 | - | - | Safe |
| Cisco | Rtp300 Firmware | <= 3.1.24 | - | Affected | in | Cisco | Rtp300 | - | - | Safe |
| Cisco | Rv220w Firmware | <= 1.0.4.17 | - | Affected | in | Cisco | Rv220w | - | - | Safe |