var-201506-0305
Vulnerability from variot
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601. SSH Since the host key is used, there is a vulnerability that can break the cryptographic protection mechanism. Vendors have confirmed this vulnerability Bug ID CSCus29681 , CSCuu95676 ,and CSCuu96601 It is released as.A third party may break the cryptographic protection mechanism by using the private key information obtained from other customer installations. Multiple Cisco products are prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server. An attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. This issue is being tracked by Cisco Bug ID's CSCus29681, CSCuu95676, and CSCuu96601. The following products are affected: Cisco WSAv, ESAv, SMAv
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0305",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "8.5.1"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "8.0.5"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "7.7.5"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "8.5.7"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "8.5.6"
},
{
"model": "content security management virtual appliance",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.0.0.087"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.5.0"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.0.0"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.7.0"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "8.0.0"
},
{
"model": "content security management virtual appliance",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "8.4.0.0150"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "8.6.0"
},
{
"model": "e email security virtual appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "2015.6.25 earlier"
},
{
"model": "web security virtual appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "2015.6.25 earlier"
},
{
"model": "content security management virtual appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "2015.6.25 earlier"
},
{
"model": "web security virtual appliance",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "email security virtual appliance",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "security management virtual appliance devices",
"scope": "lt",
"trust": 0.6,
"vendor": "cisco",
"version": "2015-06-25"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.7"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.6"
},
{
"model": "web security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.5"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.1"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.0"
},
{
"model": "email security virtual appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "BID",
"id": "75418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:email_security_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:web_security_virtual_appliance",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:content_security_management_virtual_appliance",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75418"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4217",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2015-4217",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2015-04098",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-82178",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4217",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-4217",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-04098",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-573",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82178",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "VULHUB",
"id": "VHN-82178"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers\u0027 installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601. SSH Since the host key is used, there is a vulnerability that can break the cryptographic protection mechanism. Vendors have confirmed this vulnerability Bug ID CSCus29681 , CSCuu95676 ,and CSCuu96601 It is released as.A third party may break the cryptographic protection mechanism by using the private key information obtained from other customer installations. Multiple Cisco products are prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server. \nAn attacker can exploit this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. \nThis issue is being tracked by Cisco Bug ID\u0027s CSCus29681, CSCuu95676, and CSCuu96601. The following products are affected: Cisco WSAv, ESAv, SMAv",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4217"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "BID",
"id": "75418"
},
{
"db": "VULHUB",
"id": "VHN-82178"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4217",
"trust": 3.4
},
{
"db": "BID",
"id": "75418",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1032725",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1032726",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-04098",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82178",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "VULHUB",
"id": "VHN-82178"
},
{
"db": "BID",
"id": "75418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"id": "VAR-201506-0305",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "VULHUB",
"id": "VHN-82178"
}
],
"trust": 1.3833249133333334
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
}
]
},
"last_update_date": "2024-11-23T22:52:43.816000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20150625-ironport",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"title": "39461",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"title": "cisco-sa-20150625-ironport",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/113/1130/1130064_cisco-sa-20150625-ironport-j.html"
},
{
"title": "Cisco Virtual WSA/ESA/SMA remote-support feature patch for default SSH host key vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/60162"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
},
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82178"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39461"
},
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150625-ironport"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4217"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75418"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032725"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032726"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4217"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "VULHUB",
"id": "VHN-82178"
},
{
"db": "BID",
"id": "75418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"db": "VULHUB",
"id": "VHN-82178"
},
{
"db": "BID",
"id": "75418"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"date": "2015-06-26T00:00:00",
"db": "VULHUB",
"id": "VHN-82178"
},
{
"date": "2015-06-25T00:00:00",
"db": "BID",
"id": "75418"
},
{
"date": "2015-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"date": "2015-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"date": "2015-06-26T10:59:04.343000",
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-30T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-04098"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82178"
},
{
"date": "2015-06-25T00:00:00",
"db": "BID",
"id": "75418"
},
{
"date": "2015-07-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003284"
},
{
"date": "2015-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-573"
},
{
"date": "2024-11-21T02:30:39.247000",
"db": "NVD",
"id": "CVE-2015-4217"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Vulnerability that breaks encryption protection mechanism in remote support function of security virtual appliance",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003284"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-573"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.