Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20150625-IRONPORT
HistoryJun 25, 2015 - 4:00 p.m.

Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA

2015-06-2516:00:00
tools.cisco.com
38

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

58.7%

JSON

Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), and Cisco Security Management Virtual Appliance (SMAv) are affected by the following vulnerabilities:

Cisco Virtual WSA, ESA, and SMA Default Authorized SSH Key Vulnerability
Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability

Cisco has released software updates that address these vulnerabilities.

There are no workarounds for these vulnerabilities.

This advisory is available at the following link:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport”]

Affected configurations

Vulners
Node
ciscocontent_security_management_virtual_applianceMatchany
OR
ciscoemail_security_virtual_applianceMatchany
OR
ciscoweb_security_virtual_applianceMatchany
OR
ciscocontent_security_management_virtual_applianceMatchany
OR
ciscoemail_security_virtual_applianceMatchany
OR
ciscoweb_security_virtual_applianceMatchany

Related

securityvulns 1
nvd 2
cvelist 2
cisco 1
nessus 2
prion 2
cve 2
openvas 1
securityvulns
securityvulns
Cisco Virtual WSA / ESA / SMA default keys
2015-06-29 00:00:00
nvd
nvd
CVE-2015-4217
2015-06-26 10:59:04
CVE-2015-4216
2015-06-26 10:59:03
cvelist
cvelist
CVE-2015-4217
2015-06-26 10:00:00
CVE-2015-4216
2015-06-26 10:00:00
cisco
cisco
Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability
2015-06-25 16:04:47
nessus
nessus
Cisco Ironport Security Appliance Authorized Key Vulnerability
2015-07-02 00:00:00
Cisco Ironport Security Appliance Default Host Key Vulnerability
2015-07-02 00:00:00
prion
prion
Design/Logic Flaw
2015-06-26 10:59:00
Authentication flaw
2015-06-26 10:59:00
cve
cve
CVE-2015-4217
2015-06-26 10:59:04
CVE-2015-4216
2015-06-26 10:59:03
openvas
openvas
Multiple Cisco Products Default SSH Host Keys Security Bypass Vulnerability
2015-08-14 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

58.7%

JSON
Related for CISCO-SA-20150625-IRONPORT
securityvulns1nvd2cvelist2cisco1nessus2prion2cve2openvas1