Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2017-10-12T15:00:00

Updated: 2024-08-06T07:22:20.764Z

Reserved: 2015-08-17T00:00:00

Link: CVE-2015-6358

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-10-12T15:29:00.217

Modified: 2024-11-21T02:34:50.923

Link: CVE-2015-6358

cve-icon Redhat

No data.