// For flags

CVE-2015-6418

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.

El generador de número aleatorio en routers Cisco Small Business RV 4.x y dispositivos de seguridad SA500 2.2.07 no tiene suficiente entropía, lo que hace que sea más fácil para atacantes remotos determinar un par de claves TLS a través de computaciones no especificadas sobre datos de intercambio de clave en el apretón de manos, también conocido como Bug ID CSCus15224.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-08-17 CVE Reserved
  • 2015-12-13 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Sa520
Search vendor "Cisco" for product "Sa520"
2.2.07
Search vendor "Cisco" for product "Sa520" and version "2.2.07"
-
Affected
Cisco
Search vendor "Cisco"
Sa520w
Search vendor "Cisco" for product "Sa520w"
2.2.07
Search vendor "Cisco" for product "Sa520w" and version "2.2.07"
-
Affected
Cisco
Search vendor "Cisco"
Sa540
Search vendor "Cisco" for product "Sa540"
2.2.07
Search vendor "Cisco" for product "Sa540" and version "2.2.07"
-
Affected
Cisco
Search vendor "Cisco"
Rv016 Multi-wan Vpn Firmware
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware"
4.0.0.7
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware" and version "4.0.0.7"
-
Affected
Cisco
Search vendor "Cisco"
Rv016 Multi-wan Vpn Firmware
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware"
4.0.2.8
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware" and version "4.0.2.8"
-
Affected
Cisco
Search vendor "Cisco"
Rv016 Multi-wan Vpn Firmware
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware"
4.0.5.0
Search vendor "Cisco" for product "Rv016 Multi-wan Vpn Firmware" and version "4.0.5.0"
-
Affected
Cisco
Search vendor "Cisco"
Rv042 Dual Wan Vpn Router Firmware
Search vendor "Cisco" for product "Rv042 Dual Wan Vpn Router Firmware"
4.0.2.8
Search vendor "Cisco" for product "Rv042 Dual Wan Vpn Router Firmware" and version "4.0.2.8"
-
Affected
Cisco
Search vendor "Cisco"
Rv042g Dual Gigabit Wan Vpn Firmware
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware"
4.0.0.7
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware" and version "4.0.0.7"
-
Affected
Cisco
Search vendor "Cisco"
Rv042g Dual Gigabit Wan Vpn Firmware
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware"
4.2.2.7
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware" and version "4.2.2.7"
-
Affected
Cisco
Search vendor "Cisco"
Rv042g Dual Gigabit Wan Vpn Firmware
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware"
4.2.2.8
Search vendor "Cisco" for product "Rv042g Dual Gigabit Wan Vpn Firmware" and version "4.2.2.8"
-
Affected
Cisco
Search vendor "Cisco"
Rv082 Dual Wan Vpn Router Firmware
Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Router Firmware"
4.0.0.7
Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Router Firmware" and version "4.0.0.7"
-
Affected
Cisco
Search vendor "Cisco"
Rv082 Dual Wan Vpn Router Firmware
Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Router Firmware"
4.0.2.8
Search vendor "Cisco" for product "Rv082 Dual Wan Vpn Router Firmware" and version "4.0.2.8"
-
Affected