Multiple Cisco Products Default SSH Host Keys Security Bypass Vulnerability

Information

Severity

Severity

Medium

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

4.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

Multiple Cisco products are prone to a security-bypass vulnerability.

Insight

Insight

The vulnerability is due to the presence of default SSH host keys that are shared across all the installations of WSAv, ESAv, and SMAv. An attacker could exploit this vulnerability by obtaining one of the SSH private keys and using it to impersonate or decrypt communication between any WSAv, ESAv, or SMAv. An exploit could allow the attacker to decrypt and impersonate secure communication between any virtual content security appliances.

Affected Software

Affected Software

Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), and Cisco Security Management Virtual Appliance (SMAv) are affected.

Detection Method

Detection Method

Check the remote ssh host keys.

Solution

Solution

Updates are available. Please see the vendor advisory for more information.

Common Vulnerabilities and Exposures (CVE)

Free Vulnerability Scanner

Mageni can help you to scan, assess and manage your vulnerabilities.

Processing. Please wait...

We care about the protection of your data. Read our Privacy Policy.