Lucene search

[email protected]CVE-2015-6280

HistorySep 28, 2015 - 2:59 a.m.

CVE-2015-6280

2015-09-2802:59:12

CWE-287

[email protected]

web.nvd.nist.gov

cisco

ios

sshv2

cve-2015-6280

vulnerability

rsa authentication

cisco ios vulnerability

remote access

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.2%

JSON

The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E before 3.7.1E, 3.10S before 3.10.6S, 3.11S before 3.11.4S, 3.12S before 3.12.3S, 3.13S before 3.13.3S, and 3.14S before 3.14.1S does not properly implement RSA authentication, which allows remote attackers to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013.

Affected configurations

NVD

Node

ciscoiosMatch15.2\(1\)sy

ciscoiosMatch15.2\(1\)sy0a

ciscoiosMatch15.2\(2\)e

ciscoiosMatch15.2\(2\)e1

ciscoiosMatch15.2\(2\)e2

ciscoiosMatch15.2\(2\)ea1

ciscoiosMatch15.2\(2a\)e1

ciscoiosMatch15.2\(2a\)e2

ciscoiosMatch15.2\(3\)e

ciscoiosMatch15.2\(3\)ea

ciscoiosMatch15.2\(3a\)e

ciscoiosMatch15.3\(3\)m1

ciscoiosMatch15.3\(3\)m2

ciscoiosMatch15.3\(3\)m3

ciscoiosMatch15.3\(3\)m4

ciscoiosMatch15.3\(3\)m5

ciscoiosMatch15.3\(3\)s

ciscoiosMatch15.3\(3\)s1

ciscoiosMatch15.3\(3\)s1a

ciscoiosMatch15.3\(3\)s2

ciscoiosMatch15.3\(3\)s3

ciscoiosMatch15.3\(3\)s4

ciscoiosMatch15.3\(3\)s5

ciscoiosMatch15.4\(1\)cg

ciscoiosMatch15.4\(1\)cg1

ciscoiosMatch15.4\(1\)s

ciscoiosMatch15.4\(1\)s1

ciscoiosMatch15.4\(1\)s2

ciscoiosMatch15.4\(1\)s3

ciscoiosMatch15.4\(1\)t

ciscoiosMatch15.4\(1\)t1

ciscoiosMatch15.4\(1\)t2

ciscoiosMatch15.4\(1\)t3

ciscoiosMatch15.4\(2\)cg

ciscoiosMatch15.4\(2\)s

ciscoiosMatch15.4\(2\)s1

ciscoiosMatch15.4\(2\)s2

ciscoiosMatch15.4\(2\)t

ciscoiosMatch15.4\(2\)t1

ciscoiosMatch15.4\(2\)t2

ciscoiosMatch15.4\(3\)m

ciscoiosMatch15.4\(3\)m1

ciscoiosMatch15.4\(3\)m2

ciscoiosMatch15.4\(3\)s

ciscoiosMatch15.4\(3\)s1

ciscoiosMatch15.4\(3\)s2

ciscoiosMatch15.5\(1\)s

ciscoiosMatch15.5\(1\)t

ciscoios_xeMatch3.6e.0

ciscoios_xeMatch3.6e.0a

ciscoios_xeMatch3.6e.0b

ciscoios_xeMatch3.6e.1

ciscoios_xeMatch3.6e.2

ciscoios_xeMatch3.6e.2a

ciscoios_xeMatch3.7e.0

ciscoios_xeMatch3.10s.0

ciscoios_xeMatch3.10s.0a

ciscoios_xeMatch3.10s.01

ciscoios_xeMatch3.10s.1

ciscoios_xeMatch3.10s.2

ciscoios_xeMatch3.10s.3

ciscoios_xeMatch3.10s.4

ciscoios_xeMatch3.10s.5

ciscoios_xeMatch3.11s.0

ciscoios_xeMatch3.11s.1

ciscoios_xeMatch3.11s.2

ciscoios_xeMatch3.11s.3

ciscoios_xeMatch3.12s.0

ciscoios_xeMatch3.12s.1

ciscoios_xeMatch3.12s.2

ciscoios_xeMatch3.13s.0

ciscoios_xeMatch3.13s.1

ciscoios_xeMatch3.13s.2

ciscoios_xeMatch3.14s.0

CPENameOperatorVersion
cisco:ioscisco ioseq15.2\(1\)sy
cisco:ioscisco ioseq15.2\(1\)sy0a
cisco:ioscisco ioseq15.2\(2\)e
cisco:ioscisco ioseq15.2\(2\)e1
cisco:ioscisco ioseq15.2\(2\)e2
cisco:ioscisco ioseq15.2\(2\)ea1
cisco:ioscisco ioseq15.2\(2a\)e1
cisco:ioscisco ioseq15.2\(2a\)e2
cisco:ioscisco ioseq15.2\(3\)e
cisco:ioscisco ioseq15.2\(3\)ea

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	15.2\(1\)sy
cisco:ios	cisco ios	eq	15.2\(1\)sy0a
cisco:ios	cisco ios	eq	15.2\(2\)e
cisco:ios	cisco ios	eq	15.2\(2\)e1
cisco:ios	cisco ios	eq	15.2\(2\)e2
cisco:ios	cisco ios	eq	15.2\(2\)ea1
cisco:ios	cisco ios	eq	15.2\(2a\)e1
cisco:ios	cisco ios	eq	15.2\(2a\)e2
cisco:ios	cisco ios	eq	15.2\(3\)e
cisco:ios	cisco ios	eq	15.2\(3\)ea