Design/Logic Flaw

2015-06-2610:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

58.7%

JSON

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers’ installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.

CPENameOperatorVersion
content_security_management_virtual_applianceeq9.0.0.087
content_security_management_virtual_applianceeq8.4.0.0150
email_security_virtual_applianceeq8.5.7
email_security_virtual_applianceeq8.5.6
email_security_virtual_applianceeq9.0.0
email_security_virtual_applianceeq8.0.0
web_security_virtual_applianceeq8.7.0
web_security_virtual_applianceeq7.7.5
web_security_virtual_applianceeq8.5.1
web_security_virtual_applianceeq8.6.0

Name	Operator	Version
content_security_management_virtual_appliance	eq	9.0.0.087
content_security_management_virtual_appliance	eq	8.4.0.0150
email_security_virtual_appliance	eq	8.5.7
email_security_virtual_appliance	eq	8.5.6
email_security_virtual_appliance	eq	9.0.0
email_security_virtual_appliance	eq	8.0.0
web_security_virtual_appliance	eq	8.7.0
web_security_virtual_appliance	eq	7.7.5
web_security_virtual_appliance	eq	8.5.1
web_security_virtual_appliance	eq	8.6.0