Vulnslist

find the latest Cisco vulnerabilities

Cisco RVS4000 and WRVS4400N Gigabit Security Routers Firmware SSL Key Disclosure Vulnerability

Cisco-SA-20110525-CVE-2011-1647 · Medium · Published · Updated

The firmware of Cisco RVS4000 4-port Gigabit Security Routers and WRVS4400N Wireless-N Gigabit Security Routers contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information from a targeted device. The vulnerability is due to improper security protections on SSL certificate private keys on affected devices.  An unauthenticated, remote could exploit this vulnerability to retrieve SSL certificate key information from a targeted device.  If successful, the attacker could access sensitive information that could be used in further attacks. Cisco has confirmed this vulnerability and has released updated software. Unless remote management capabilities are enabled, an attacker could only exploit this vulnerability from internal networks, limiting the potential for exploitation.  Remote management is disabled by default. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to apply the appropriate updates.

Administrators are advised to remove backup files from affected devices.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators are advised to monitor critical systems.

CVEsCVE-2011-1647
Cisco Bug IDsNA
CVSS ScoreBase 5.0
Base 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco RVS4000 Gigabit Security Router - VPN Firmware, Cisco WRVS4400N Gigabit Security Router

Related Products

Product CVE Evidence
Cisco RVS4000 Gigabit Security Router - VPN Firmware CVE-2011-1647 Cisco OpenVuln
Cisco WRVS4400N Gigabit Security Router CVE-2011-1647 Cisco OpenVuln