Vulnerability Name:

CVE-2012-3372 (CCN-76776)

Assigned:2012-07-03
Published:2012-07-03
Updated:2012-07-09
Summary:** DISPUTED ** The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Cyberoam_SSL_CA certificate in a list of trusted root certification authorities.
Note: the vendor disputes the significance of this issue because the appliance "does not allow import or export of the foresaid private key."
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
4.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-310
Vulnerability Consequences:Gain Access
References:Source: BUGTRAQ
Type: UNKNOWN
20120703 Cyberoam advisory

Source: CCN
Type: BugTraq Mailing List, Tue Jul 03 2012
Cyberoam advisory

Source: MISC
Type: UNKNOWN
http://blog.cyberoam.com/2012/07/ssl-bridging-cyberoam-approach/

Source: MITRE
Type: CNA
CVE-2012-3372

Source: CCN
Type: SA49799
Cyberoam UTM Self-Signed Certificate Vulnerability

Source: CCN
Type: Cyberoam Web Site
Cyberoam Technologies | Appliance-based Internet Filtering, Internet Monitoring and Reporting Solutions | CyberoamWorks.com

Source: CCN
Type: OSVDB ID: 83532
Cyberoam DPI Common CA Private Key Disclosure MiTM Weakness

Source: CCN
Type: BID-54291
Cyberoam DPI Security Bypass Vulnerability

Source: MISC
Type: UNKNOWN
http://www.theregister.co.uk/2012/07/07/cyberoam_tor_ssl_spying_flap/

Source: MISC
Type: UNKNOWN
https://blog.torproject.org/blog/security-vulnerability-found-cyberoam-dpi-devices-cve-2012-3372

Source: XF
Type: UNKNOWN
cyberoam-dpi-certificate-spoofing(76776)

Source: MISC
Type: UNKNOWN
https://media.torproject.org/misc/2012-07-03-cyberoam-CVE-2012-3372.txt

Vulnerable Configuration:Configuration 1:
  • cpe:/h:elitecore:cyberoam_unified_threat_management:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    elitecore cyberoam unified threat management *