Default SSH Key Vulnerability in Cisco Web Security Appliances
CVE-2015-4217

Currently unrated

Key Information:

Vendor
Cisco
Status
Email Security Virtual Appliance
Content Security Management Virtual Appliance
Web Security Virtual Appliance
Vendor
CVE Published:
26 June 2015

Summary

The remote-support feature on Cisco Web Security Virtual Appliances, Email Security Virtual Appliances, and Security Management Virtual Appliances prior to June 25, 2015, utilize the same default SSH host keys across various customer installations. This uniformity poses a significant risk, allowing remote attackers to exploit knowledge of a private key from one installation to compromise the cryptographic protections of another. It is crucial for users to update their systems to ensure unique SSH keys and mitigate the potential for unauthorized access, as detailed in Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securitytracker.com/id/1032725
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.