CVE-2015-6358
N/A
N/A
Summary
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.kb.cert.org/vuls/id/566724
- http://www.securitytracker.com/id/1034258
- http://www.securityfocus.com/bid/78047
- http://www.securitytracker.com/id/1034255
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci
- http://www.securitytracker.com/id/1034257
- http://www.securitytracker.com/id/1034256
References
- http://www.kb.cert.org/vuls/id/566724
- http://www.securitytracker.com/id/1034258
- http://www.securityfocus.com/bid/78047
- http://www.securitytracker.com/id/1034255
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci
- http://www.securitytracker.com/id/1034257
- http://www.securitytracker.com/id/1034256
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.