CVE-2015-6358
First published: Thu Oct 12 2017(Updated: )
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Rv320 Firmware | <=1.3.1.10 | |
| Cisco RV320 | ||
| Cisco Rv325 Firmware | <=1.3.1.10 | |
| Cisco RV325 | ||
| Cisco Rvs4000 Firmware | <=2.0.3.4 | |
| Cisco RVS4000 | ||
| Cisco Wrv210 Firmware | <=2.0.1.5 | |
| Cisco Wrv210 | ||
| Cisco Wap4410n Firmware | <=2.0.7.8 | |
| Cisco WAP4410N | ||
| Cisco Wrv200 Firmware | =1.0.39 | |
| Cisco Wrv200 | ||
| Cisco Wrvs4400n Firmware | <=2.0.2.2 | |
| Cisco Wrvs4400n | ||
| Cisco Wap200 Firmware | <=2.0.6.0 | |
| Cisco Wap200 | ||
| Cisco Wvc2300 Firmware | <=1.1.2.6 | |
| Cisco Wvc2300 | ||
| Cisco Pvc2300 Firmware | <=1.1.2.6 | |
| Cisco Pvc2300 | ||
| Cisco Srw224p Firmware | <=2.0.2.4 | |
| Cisco Srw224p | ||
| Cisco Wet200 Firmware | <=2.0.8.0 | |
| Cisco Wet200 | ||
| Cisco Wap2000 Firmware | <=2.0.8.0 | |
| Cisco Wap2000 | ||
| Cisco Wap4400n Firmware | <=- | |
| Cisco Wap4400n | ||
| Cisco Rv120w Firmware | <=1.0.5.9 | |
| Cisco Rv120w | ||
| Cisco Rv180 Firmware | <=1.0.5.4 | |
| Cisco Rv180 | ||
| Cisco Rv180w Firmware | <=1.0.5.4 | |
| Cisco RV180W | ||
| Cisco Rv315w Firmware | <=1.01.03 | |
| Cisco Rv315w | ||
| Cisco Srp520 Firmware | <=1.01.29 | |
| Cisco Srp520 | ||
| Cisco Srp520-u Firmware | <=1.2.6 | |
| Cisco Srp520-u | ||
| Cisco Wrp500 Firmware | <=1.0.1.002 | |
| Cisco Wrp500 | ||
| Cisco Spa400 Firmware | <=1.1.2.2 | |
| Cisco Spa400 | ||
| Cisco Rtp300 Firmware | <=3.1.24 | |
| Cisco Rtp300 | ||
| Cisco Rv220w Firmware | <=1.0.4.17 | |
| Cisco Rv220w |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci
- http://www.kb.cert.org/vuls/id/566724
- http://www.securityfocus.com/bid/78047
- http://www.securitytracker.com/id/1034255
- http://www.securitytracker.com/id/1034256
- http://www.securitytracker.com/id/1034257
- http://www.securitytracker.com/id/1034258
- collector/nvd-index
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/severity
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco rv320 firmware
- version/cisco rv320 firmware/1.3.1.10
- canonical/cisco rv320
- canonical/cisco rv325 firmware
- version/cisco rv325 firmware/1.3.1.10
- canonical/cisco rv325
- canonical/cisco rvs4000 firmware
- version/cisco rvs4000 firmware/2.0.3.4
- canonical/cisco rvs4000
- canonical/cisco wrv210 firmware
- version/cisco wrv210 firmware/2.0.1.5
- canonical/cisco wrv210
- canonical/cisco wap4410n firmware
- version/cisco wap4410n firmware/2.0.7.8
- canonical/cisco wap4410n
- canonical/cisco wrv200 firmware
- version/cisco wrv200 firmware/1.0.39
- canonical/cisco wrv200
- canonical/cisco wrvs4400n firmware
- version/cisco wrvs4400n firmware/2.0.2.2
- canonical/cisco wrvs4400n
- canonical/cisco wap200 firmware
- version/cisco wap200 firmware/2.0.6.0
- canonical/cisco wap200
- canonical/cisco wvc2300 firmware
- version/cisco wvc2300 firmware/1.1.2.6
- canonical/cisco wvc2300
- canonical/cisco pvc2300 firmware
- version/cisco pvc2300 firmware/1.1.2.6
- canonical/cisco pvc2300
- canonical/cisco srw224p firmware
- version/cisco srw224p firmware/2.0.2.4
- canonical/cisco srw224p
- canonical/cisco wet200 firmware
- version/cisco wet200 firmware/2.0.8.0
- canonical/cisco wet200
- canonical/cisco wap2000 firmware
- version/cisco wap2000 firmware/2.0.8.0
- canonical/cisco wap2000
- canonical/cisco wap4400n firmware
- version/cisco wap4400n firmware/-
- canonical/cisco wap4400n
- canonical/cisco rv120w firmware
- version/cisco rv120w firmware/1.0.5.9
- canonical/cisco rv120w
- canonical/cisco rv180 firmware
- version/cisco rv180 firmware/1.0.5.4
- canonical/cisco rv180
- canonical/cisco rv180w firmware
- version/cisco rv180w firmware/1.0.5.4
- canonical/cisco rv180w
- canonical/cisco rv315w firmware
- version/cisco rv315w firmware/1.01.03
- canonical/cisco rv315w
- canonical/cisco srp520 firmware
- version/cisco srp520 firmware/1.01.29
- canonical/cisco srp520
- canonical/cisco srp520-u firmware
- version/cisco srp520-u firmware/1.2.6
- canonical/cisco srp520-u
- canonical/cisco wrp500 firmware
- version/cisco wrp500 firmware/1.0.1.002
- canonical/cisco wrp500
- canonical/cisco spa400 firmware
- version/cisco spa400 firmware/1.1.2.2
- canonical/cisco spa400
- canonical/cisco rtp300 firmware
- version/cisco rtp300 firmware/3.1.24
- canonical/cisco rtp300
- canonical/cisco rv220w firmware
- version/cisco rv220w firmware/1.0.4.17
- canonical/cisco rv220w