CVE-2015-6358

Published Oct 12, 2017
Last updated 7 years ago
CVSS medium 5.9
Overview

Description: Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
Source: ykramarz@cisco.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-295
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F503CBF1-C2FB-40ED-8DA4-85F233EC4F8F",
            "versionEndIncluding": "1.3.1.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE1BC6E1-8A83-438F-AE33-3AAED7DF1CBE",
            "versionEndIncluding": "1.3.1.10"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7881E4BC-6590-49C0-88C4-A21F2BE2B4FE",
            "versionEndIncluding": "2.0.3.4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EC30BCF7-FA1A-44B3-8C58-17DFA939E7C7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wrv210_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E9D1511-2B20-4013-9504-0FE9A9B5220C",
            "versionEndIncluding": "2.0.1.5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wrv210:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6FA20862-B235-4230-8861-A59CF62CC65E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB758D90-1888-42E3-9305-82F59D9C1891",
            "versionEndIncluding": "2.0.7.8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wap4410n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EFF89AC2-2A85-463C-A644-B3FA31A470FA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wrv200_firmware:1.0.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57B0AF22-058C-4273-8A3F-744692DFB77E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wrv200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F73575BC-B0E8-49A5-8E68-4D9B3109029D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wrvs4400n_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A1D37CC-A650-496D-B66B-62F69EFFFCCC",
            "versionEndIncluding": "2.0.2.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BC842A29-7A55-4474-B5AD-A6813FE16A7D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wap200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC035F1-83DE-47F1-BF2D-72FE32E926BC",
            "versionEndIncluding": "2.0.6.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wap200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BD50A4C8-8E79-4D0B-8D23-88425EFE9234"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wvc2300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6F6D758-4D48-4D16-B54C-08F924D8623C",
            "versionEndIncluding": "1.1.2.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wvc2300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E1122B4F-87D0-4030-9C4C-E811BBEAC51F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:pvc2300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24B3D0D5-BA35-44A7-A9AC-EFC38638424E",
            "versionEndIncluding": "1.1.2.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:pvc2300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "35B259F8-E3F8-44D0-9EDB-BC686F239CF6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:srw224p_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72473F9C-4AD6-47AE-9568-D7451EB8DD09",
            "versionEndIncluding": "2.0.2.4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:srw224p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B559090-2CB3-41E6-B9C8-EB83FC7AFE54"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wet200_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1B80159-909F-4B59-9DC6-34C1E508FCD1",
            "versionEndIncluding": "2.0.8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wet200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "565A92B8-DF55-4F7D-B312-E1870728F27A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wap2000_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3751819E-FF92-4540-93D2-2D8F8427D826",
            "versionEndIncluding": "2.0.8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wap2000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C4844B66-4D3A-4526-87A3-6C45B9360691"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wap4400n_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C17056F7-933C-45AD-8F75-64E4B9ADFB55",
            "versionEndIncluding": "-"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wap4400n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D47B755E-277A-4FF5-B005-C7F28B191D6B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv120w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34E8DF08-06D6-46EE-AE4A-8FA11D3E1FB9",
            "versionEndIncluding": "1.0.5.9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv120w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "40465CA8-BE8B-4F15-8578-D8972C241D84"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv180_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A27C46AD-51E7-463F-A296-D4C6DF9B01F7",
            "versionEndIncluding": "1.0.5.4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv180:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8BD67F3-98CE-4B03-8980-6791B753FDC9"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv180w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA690405-6AB8-4503-90AB-0B25F50F4776",
            "versionEndIncluding": "1.0.5.4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv180w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C5E3FBF6-4EB3-4C2F-AE0E-25F5765DD107"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv315w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7EEDA17A-529D-455C-B608-DFCFEC4DD448",
            "versionEndIncluding": "1.01.03"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv315w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D7B47D7-4D6B-43BF-BF1C-E89C781DDD14"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:srp520_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "857DB576-9674-42E1-B122-0ACCD696818F",
            "versionEndIncluding": "1.01.29"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:srp520:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DEE62C2A-30E6-4E0F-AC84-1A75F5032D22"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:srp520-u_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F87C7EB8-4AF8-484E-B90F-B5E2C77D7679",
            "versionEndIncluding": "1.2.6"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:srp520-u:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F4A12DCA-F804-4CC1-B1FE-EF4A182A9722"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:wrp500_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67487247-39A1-4EF9-A451-3A2585CC7D54",
            "versionEndIncluding": "1.0.1.002"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:wrp500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "78DAF22A-9A5A-4E55-AF0F-ED9969610411"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:spa400_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26067A0B-6752-4008-A021-57A76AC84F26",
            "versionEndIncluding": "1.1.2.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:spa400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A20F9B77-999F-4B2E-8894-6D6AED4A92CC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rtp300_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "114E7DD2-5C5F-40A2-A795-FF75FACB4567",
            "versionEndIncluding": "3.1.24"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rtp300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "78E72C11-E53D-4E29-802A-002F0229C158"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:rv220w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9C4E5A6-88BB-4758-8222-369BAE95C14B",
            "versionEndIncluding": "1.0.4.17"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:rv220w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8620DFD9-E280-464E-91FF-2E901EDD49C0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
