Remote Support Vulnerability in Cisco Web Security, Email Security, and Management Appliances
CVE-2015-4216
Currently unrated
Key Information:
- Vendor: Cisco
- Status: Vendor
- CVE Published: 26 June 2015
Summary
The remote support feature on Cisco Web Security Virtual Appliance, Email Security Virtual Appliance, and Security Management Virtual Appliance devices uses the same default SSH root authorized key across multiple customers. Because of this design flaw, an attacker who knows a private key from one installation can bypass authentication and access other systems. Cisco devices released prior to June 25, 2015, are particularly at risk, which highlights the need for stronger SSH key management.
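As an added illustration (not code from Cisco or from this advisory), the following audit sketch flags any public key that is trusted for root on more than one host, which is the condition the summary describes. The function names, host names and key blobs are hypothetical and constructed; it assumes the root `authorized_keys` contents have already been collected from each system.

```python
import base64
import hashlib
from collections import defaultdict

KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-")

def key_fingerprints(text):
    """SHA256 fingerprints (OpenSSH format) of every key in authorized_keys text."""
    prints = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        # Entries may begin with options (from=..., command=...), so find the
        # key-type field; the base64 key blob is the field right after it.
        for i, field in enumerate(fields[:-1]):
            if field.startswith(KEY_TYPES):
                try:
                    blob = base64.b64decode(fields[i + 1], validate=True)
                except ValueError:
                    break  # malformed entry: skip
                digest = base64.b64encode(hashlib.sha256(blob).digest()).decode()
                prints.append("SHA256:" + digest.rstrip("="))
                break
    return prints

def shared_root_keys(hosts):
    """Map fingerprint -> hosts, for keys that grant root on more than one host."""
    seen = defaultdict(set)
    for host, text in hosts.items():
        for fp in key_fingerprints(text):
            seen[fp].add(host)
    return {fp: sorted(names) for fp, names in seen.items() if len(names) > 1}

def _blob(label):
    # Constructed placeholder key material, not a real key.
    return base64.b64encode(label.encode()).decode()

# Constructed sample: root authorized_keys contents collected from three hosts.
SAMPLE = {
    "appliance-a": f"ssh-rsa {_blob('constructed-default-key')} support\n",
    "appliance-b": f'from="192.0.2.10" ssh-rsa {_blob("constructed-default-key")} support\n'
                   f"ssh-ed25519 {_blob('constructed-unique-b')} admin@b\n",
    "appliance-c": f"# local only\nssh-ed25519 {_blob('constructed-unique-c')} admin@c\n",
}

if __name__ == "__main__":
    for fp, names in shared_root_keys(SAMPLE).items():
        print(fp, "trusted for root on:", ", ".join(names))
```

The fingerprints are in the same `SHA256:` form that `ssh-keygen -lf` prints, so a flagged value can be compared directly against a key file on hand.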
Timeline
Vulnerability published
Vulnerability Reserved