2 matches found
Cisco Ironport Security Appliance Default Host Key Vulnerability
The remote Cisco security appliance uses a default host key that is shared among all installations of the product. An unauthenticated, remote attacker with knowledge of the private key can impersonate other devices or perform a man-in-the-middle attack between this host and other virtual security...
CVE-2015-4217
The CVE-2015-4217 issue affects Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv). The root cause is the use of the same default SSH host keys across different customer installations, enabling an unauthenticated ...