Vulnerability Name: CVE-2015-4217 (CCN-104073) Assigned: 2015-06-25 Published: 2015-06-25 Updated: 2016-12-28 Summary: The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601. CVSS v3 Severity: 6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N 3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
5.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N 4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-310 CWE-200 Vulnerability Consequences: Bypass Security References: Source: MITRECVE-2015-4217 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA 20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability 20150625 Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability 75418 1032725 1032726 cisco-virtual-cve20154217-sec-bypass(104073) Vulnerable Configuration: Configuration 1 :cpe:/a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:* OR cpe:/a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:* OR cpe:/a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:* OR cpe:/a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:* OR cpe:/a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:* OR cpe:/a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:* OR cpe:/a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:cisco:web_security_appliance_(wsa):5.6.0-623:*:*:*:*:*:*:* BACK
cisco content security management virtual appliance 8.4.0.0150
cisco content security management virtual appliance 9.0.0.087
cisco email security virtual appliance 8.0.0
cisco email security virtual appliance 8.5.6
cisco email security virtual appliance 8.5.7
cisco email security virtual appliance 9.0.0
cisco web security virtual appliance 7.7.5
cisco web security virtual appliance 8.0.5
cisco web security virtual appliance 8.5.0
cisco web security virtual appliance 8.5.1
cisco web security virtual appliance 8.6.0
cisco web security virtual appliance 8.7.0
cisco web security appliance (wsa) 5.6.0-623
Denotes that component is vulnerable