CVE-2015-4217 — MEDIUM (4.3)

Vulnerability Description

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cisco	Content Security Management Virtual Appliance	8.4.0.0150
Cisco	Email Security Virtual Appliance	8.0.0
Cisco	Web Security Virtual Appliance	7.7.5

Related Weaknesses (CWE)

CWE-310 CWE-200

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=39461Vendor Advisory
http://www.securityfocus.com/bid/75418Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032725Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032726Third Party AdvisoryVDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=39461Vendor Advisory
http://www.securityfocus.com/bid/75418Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032725Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032726Third Party AdvisoryVDB Entry

FAQ

What is CVE-2015-4217?

CVE-2015-4217 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the ...

How severe is CVE-2015-4217?

CVE-2015-4217 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4217?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Content Security Management Virtual Appliance, Cisco Email Security Virtual Appliance, Cisco Web Security Virtual Appliance.