What is the severity of CVE-2015-4217?

CVE-2015-4217 is classified as a high severity vulnerability due to the risk of unauthorized remote access.

How do I fix CVE-2015-4217?

To fix CVE-2015-4217, you should update your Cisco Web Security Virtual Appliance, Email Security Virtual Appliance, or Security Management Virtual Appliance to a version that addresses this vulnerability.

What systems are affected by CVE-2015-4217?

CVE-2015-4217 affects several Cisco appliances including versions of Web Security, Email Security, and Content Security Management Virtual Appliances prior to specific updates.

What risk does CVE-2015-4217 pose to my network?

CVE-2015-4217 poses a risk of potential unauthorized access as multiple installations may share the same default SSH host keys.

Are there any workarounds for CVE-2015-4217?

Currently, the best workaround for CVE-2015-4217 is to disable remote support until a patch is applied.

Vulnerability/
CVE-2015-4217

medium

4.3

CWE

200 310

26/6/2015

6/8/2024

CVE-2015-4217: Infoleak

First published: Fri Jun 26 2015(Updated: )

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Content Security Management virtual Appliance	=8.4.0.0150
Cisco Content Security Management virtual Appliance	=9.0.0.087
Cisco Email Security Virtual Appliance	=8.0.0
Cisco Email Security Virtual Appliance	=8.5.6
Cisco Email Security Virtual Appliance	=8.5.7
Cisco Email Security Virtual Appliance	=9.0.0
Cisco Web Security Virtual Appliance	=7.7.5
Cisco Web Security Virtual Appliance	=8.0.5
Cisco Web Security Virtual Appliance	=8.5.0
Cisco Web Security Virtual Appliance	=8.5.1
Cisco Web Security Virtual Appliance	=8.6.0
Cisco Web Security Virtual Appliance	=8.7.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4217?
CVE-2015-4217 is classified as a high severity vulnerability due to the risk of unauthorized remote access.
How do I fix CVE-2015-4217?
To fix CVE-2015-4217, you should update your Cisco Web Security Virtual Appliance, Email Security Virtual Appliance, or Security Management Virtual Appliance to a version that addresses this vulnerability.
What systems are affected by CVE-2015-4217?
CVE-2015-4217 affects several Cisco appliances including versions of Web Security, Email Security, and Content Security Management Virtual Appliances prior to specific updates.
What risk does CVE-2015-4217 pose to my network?
CVE-2015-4217 poses a risk of potential unauthorized access as multiple installations may share the same default SSH host keys.
Are there any workarounds for CVE-2015-4217?
Currently, the best workaround for CVE-2015-4217 is to disable remote support until a patch is applied.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/author
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco content security management virtual appliance
version/cisco content security management virtual appliance/8.4.0.0150
version/cisco content security management virtual appliance/9.0.0.087
canonical/cisco email security virtual appliance
version/cisco email security virtual appliance/8.0.0
version/cisco email security virtual appliance/8.5.6
version/cisco email security virtual appliance/8.5.7
version/cisco email security virtual appliance/9.0.0
canonical/cisco web security virtual appliance
version/cisco web security virtual appliance/7.7.5
version/cisco web security virtual appliance/8.0.5
version/cisco web security virtual appliance/8.5.0
version/cisco web security virtual appliance/8.5.1
version/cisco web security virtual appliance/8.6.0
version/cisco web security virtual appliance/8.7.0

Frequently Asked Questions

What is the severity of CVE-2015-4217?
CVE-2015-4217 is classified as a high severity vulnerability due to the risk of unauthorized remote access.
How do I fix CVE-2015-4217?
To fix CVE-2015-4217, you should update your Cisco Web Security Virtual Appliance, Email Security Virtual Appliance, or Security Management Virtual Appliance to a version that addresses this vulnerability.
What systems are affected by CVE-2015-4217?
CVE-2015-4217 affects several Cisco appliances including versions of Web Security, Email Security, and Content Security Management Virtual Appliances prior to specific updates.
What risk does CVE-2015-4217 pose to my network?
CVE-2015-4217 poses a risk of potential unauthorized access as multiple installations may share the same default SSH host keys.
Are there any workarounds for CVE-2015-4217?
Currently, the best workaround for CVE-2015-4217 is to disable remote support until a patch is applied.

CVE-2015-4217: Infoleak

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-4217?

How do I fix CVE-2015-4217?

What systems are affected by CVE-2015-4217?

What risk does CVE-2015-4217 pose to my network?

Are there any workarounds for CVE-2015-4217?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-4217?

How do I fix CVE-2015-4217?

What systems are affected by CVE-2015-4217?

What risk does CVE-2015-4217 pose to my network?

Are there any workarounds for CVE-2015-4217?