Vulnslist

find the latest Cisco vulnerabilities

Cisco Unified Computing System C-Series Servers Man-in-the-Middle Vulnerability

Cisco-SA-20150709-CVE-2015-4259 · Medium · Published · Updated

A vulnerability in the Cisco Integrated Management Controller of the Cisco Unified Computing System (UCS) C-Series Servers could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack against the affected device. The vulnerability is due to improper validation of the SSL certificate used to manage the device. An attacker could exploit this vulnerability by using the default SSL certificate to intercept, decrypt, read, and write information. Cisco has confirmed the vulnerability; however, software updates are not available. A successful exploit of this vulnerability could allow the attacker to impact the confidentiality of information transmitted by the device by decrypting encrypted content and accessing sensitive information, which could be used to conduct further attacks. The attacker may need access to trusted, internal networks to use the default SSL certificate used to manage the device, making exploitation more difficult in environments that restrict access to untrusted sources. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Cisco advisory ·CSAF JSON

Workarounds

Administrators are advised to contact the vendor regarding future updates and releases.

Administrators are advised to allow only trusted users to have network access.

Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.

Administrators are advised to monitor affected systems.

CVEsCVE-2015-4259
Cisco Bug IDsCSCum56133, CSCum56177
CVSS ScoreBase 4.3
Base 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N/E:F/RL:U/RC:C
Product Names From Source
Cisco Unified Computing System (Standalone), Cisco Unified Computing System (Management Software)

Related Products

Product CVE Evidence