CVE-2015-6358

Published: Oct 12, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

Affected (24)

Products: Cisco: Rv320 Firmware, Rv325 Firmware, Rvs4000 Firmware, Wrv210 Firmware, Wap4410n Firmware, Wrv200 Firmware, Wrvs4400n Firmware, Wap200 Firmware, Wvc2300 Firmware, Pvc2300 Firmware, Srw224p Firmware, Wet200 Firmware, Wap2000 Firmware, Wap4400n Firmware, Rv120w Firmware, Rv180 Firmware, Rv180w Firmware, Rv315w Firmware, Srp520 Firmware, Srp520 U Firmware, Wrp500 Firmware, Spa400 Firmware, Rtp300 Firmware, Rv220w Firmware

24 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv320 Firmware	Up to 1.3.1.10

Running on/with	Platform Versions
Cisco Rv320	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv325 Firmware	Up to 1.3.1.10

Running on/with	Platform Versions
Cisco Rv325	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rvs4000 Firmware	Up to 2.0.3.4

Running on/with	Platform Versions
Cisco Rvs4000	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wrv210 Firmware	Up to 2.0.1.5

Running on/with	Platform Versions
Cisco Wrv210	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wap4410n Firmware	Up to 2.0.7.8

Running on/with	Platform Versions
Cisco Wap4410n	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wrv200 Firmware	Version 1.0.39

Running on/with	Platform Versions
Cisco Wrv200	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wrvs4400n Firmware	Up to 2.0.2.2

Running on/with	Platform Versions
Cisco Wrvs4400n	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wap200 Firmware	Up to 2.0.6.0

Running on/with	Platform Versions
Cisco Wap200	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wvc2300 Firmware	Up to 1.1.2.6

Running on/with	Platform Versions
Cisco Wvc2300	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Pvc2300 Firmware	Up to 1.1.2.6

Running on/with	Platform Versions
Cisco Pvc2300	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Srw224p Firmware	Up to 2.0.2.4

Running on/with	Platform Versions
Cisco Srw224p	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wet200 Firmware	Up to 2.0.8.0

Running on/with	Platform Versions
Cisco Wet200	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wap2000 Firmware	Up to 2.0.8.0

Running on/with	Platform Versions
Cisco Wap2000	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wap4400n Firmware	Up to -

Running on/with	Platform Versions
Cisco Wap4400n	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv120w Firmware	Up to 1.0.5.9

Running on/with	Platform Versions
Cisco Rv120w	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv180 Firmware	Up to 1.0.5.4

Running on/with	Platform Versions
Cisco Rv180	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv180w Firmware	Up to 1.0.5.4

Running on/with	Platform Versions
Cisco Rv180w	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv315w Firmware	Up to 1.01.03

Running on/with	Platform Versions
Cisco Rv315w	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Srp520 Firmware	Up to 1.01.29

Running on/with	Platform Versions
Cisco Srp520	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Srp520 U Firmware	Up to 1.2.6

Running on/with	Platform Versions
Cisco Srp520 U	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Wrp500 Firmware	Up to 1.0.1.002

Running on/with	Platform Versions
Cisco Wrp500	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Spa400 Firmware	Up to 1.1.2.2

Running on/with	Platform Versions
Cisco Spa400	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rtp300 Firmware	Up to 3.1.24

Running on/with	Platform Versions
Cisco Rtp300	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Rv220w Firmware	Up to 1.0.4.17

Running on/with	Platform Versions
Cisco Rv220w	All versions

Related CWEs

CWE-295

Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

References (14)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci

Source: psirt@cisco.com

Issue TrackingPatchVendor Advisory

http://www.kb.cert.org/vuls/id/566724

Source: psirt@cisco.com

Third Party AdvisoryUS Government Resource

http://www.securityfocus.com/bid/78047

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034255

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034256

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034257

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034258

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci