Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Cisco Products Confidential Information Decryption Man-in-the-Middle Vulnerability

cisco-sa-20151125-ci · Medium · Published · Updated

A vulnerability in the cryptographic implementation of multiple Cisco products could allow an unauthenticated, remote attacker to make use of hard-coded certificate and keys embedded within the firmware of the affected device. The vulnerability is due to the lack of unique key and certificate generation within affected appliances. An attacker could exploit this vulnerability by using the static information to conduct man-in-the-middle attacks to decrypt confidential information on user connections. This is an attack on the client attempting to access the device and does not compromise the device itself. To exploit the issue, an attacker needs not only the public and private key pair, but also a privileged position in the network that would allow the attacker to monitor the traffic between client and server, intercept the traffic, and modify or inject the attacker's own traffic. There are no workarounds that address this vulnerability. Cisco has not released software updates that address this vulnerability.  This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability. As a mitigation, customers may want to restrict access to the device's administrative interfaces over SSH and HTTPS to a known, trusted subset of IP addresses.

CVEsCVE-2015-6358
Cisco Bug IDsCSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, CSCuw90913
CVSS ScoreBase 5.0
Base 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:UC
Product Names From Source
Cisco WVC2300 Wireless-G Business Internet Video Camera - Audio Firmware, Cisco Small Business SRP500 Series Services Ready Platforms, Cisco Small Business Wireless Access Points Firmware, Cisco Small Business RV Series Router Firmware, Cisco Small Business Video Surveillance Cameras Firmware, Cisco Small Business IP Phones, Cisco SPA400 Internet Telephony Gateway with 4FXO Ports, Cisco WRP500 Wireless-AC Broadband Router with 2 Phone Ports, Cisco SRW224P 24-port 10 100 + 2-port Gigabit Switch - WebView PoE, Cisco WRV210 Wireless-G VPN Router with RangeBooster, SPA400 Internet Telephony Gateway with 4FXO Ports

Related Products

Product CVE Evidence
SPA400 Internet Telephony Gateway with 4FXO Ports CVE-2015-6358 Cisco OpenVuln
Cisco WVC2300 Wireless-G Business Internet Video Camera - Audio Firmware CVE-2015-6358 Cisco OpenVuln
Cisco WRV210 Wireless-G VPN Router with RangeBooster CVE-2015-6358 Cisco OpenVuln
Cisco WRP500 Wireless-AC Broadband Router with 2 Phone Ports CVE-2015-6358 Cisco OpenVuln
Cisco Small Business Wireless Access Points Firmware CVE-2015-6358 Cisco OpenVuln
Cisco Small Business Video Surveillance Cameras Firmware CVE-2015-6358 Cisco OpenVuln
Cisco Small Business SRP500 Series Services Ready Platforms CVE-2015-6358 Cisco OpenVuln
Cisco Small Business RV Series Router Firmware CVE-2015-6358 Cisco OpenVuln
Cisco Small Business IP Phones CVE-2015-6358 Cisco OpenVuln
Cisco SRW224P 24-port 10 100 + 2-port Gigabit Switch - WebView PoE CVE-2015-6358 Cisco OpenVuln
Cisco SPA400 Internet Telephony Gateway with 4FXO Ports CVE-2015-6358 Cisco OpenVuln