Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-6358

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

Security Impact Summary

This vulnerability carries a MEDIUM severity rating with a CVSS v3.1 score of 5.9, indicating it can be exploited remotely over the network but requires specific conditions to be met without requiring user interaction and does not require pre-existing privileges . The vulnerability impacts confidentiality (data exposure), for affected systems. Impacting 48 products from cisco, from cisco, from cisco and 45 others, organizations running these solutions should prioritize assessment and patching.

Historical Context

First disclosed in 2017, this vulnerability was reported during a period defined by widespread IoT adoption challenges, mobile security concerns, and the emergence of advanced persistent threat (APT) techniques. Contemporary mitigation strategies focused on secure development practices and third-party component vetting.

Published

2017-10-12T15:29:00.217

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-295

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	rv320_firmware	≤ 1.3.1.10	Yes
Hardware	cisco	rv320	-	No
Operating System	cisco	rv325_firmware	≤ 1.3.1.10	Yes
Hardware	cisco	rv325	-	No
Operating System	cisco	rvs4000_firmware	≤ 2.0.3.4	Yes
Hardware	cisco	rvs4000	-	No
Operating System	cisco	wrv210_firmware	≤ 2.0.1.5	Yes
Hardware	cisco	wrv210	-	No
Operating System	cisco	wap4410n_firmware	≤ 2.0.7.8	Yes
Hardware	cisco	wap4410n	-	No
Operating System	cisco	wrv200_firmware	1.0.39	Yes
Hardware	cisco	wrv200	-	No
Operating System	cisco	wrvs4400n_firmware	≤ 2.0.2.2	Yes
Hardware	cisco	wrvs4400n	-	No
Operating System	cisco	wap200_firmware	≤ 2.0.6.0	Yes
Hardware	cisco	wap200	-	No
Operating System	cisco	wvc2300_firmware	≤ 1.1.2.6	Yes
Hardware	cisco	wvc2300	-	No
Operating System	cisco	pvc2300_firmware	≤ 1.1.2.6	Yes
Hardware	cisco	pvc2300	-	No
Operating System	cisco	srw224p_firmware	≤ 2.0.2.4	Yes
Hardware	cisco	srw224p	-	No
Operating System	cisco	wet200_firmware	≤ 2.0.8.0	Yes
Hardware	cisco	wet200	-	No
Operating System	cisco	wap2000_firmware	≤ 2.0.8.0	Yes
Hardware	cisco	wap2000	-	No
Operating System	cisco	wap4400n_firmware	≤ -	Yes
Hardware	cisco	wap4400n	-	No
Operating System	cisco	rv120w_firmware	≤ 1.0.5.9	Yes
Hardware	cisco	rv120w	-	No
Operating System	cisco	rv180_firmware	≤ 1.0.5.4	Yes
Hardware	cisco	rv180	-	No
Operating System	cisco	rv180w_firmware	≤ 1.0.5.4	Yes
Hardware	cisco	rv180w	-	No
Operating System	cisco	rv315w_firmware	≤ 1.01.03	Yes
Hardware	cisco	rv315w	-	No
Operating System	cisco	srp520_firmware	≤ 1.01.29	Yes
Hardware	cisco	srp520	-	No
Operating System	cisco	srp520-u_firmware	≤ 1.2.6	Yes
Hardware	cisco	srp520-u	-	No
Operating System	cisco	wrp500_firmware	≤ 1.0.1.002	Yes
Hardware	cisco	wrp500	-	No
Operating System	cisco	spa400_firmware	≤ 1.1.2.2	Yes
Hardware	cisco	spa400	-	No
Operating System	cisco	rtp300_firmware	≤ 3.1.24	Yes
Hardware	cisco	rtp300	-	No
Operating System	cisco	rv220w_firmware	≤ 1.0.4.17	Yes
Hardware	cisco	rv220w	-	No

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci Issue Tracking, Patch, Vendor Advisory ([email protected])
http://www.kb.cert.org/vuls/id/566724 Third Party Advisory, US Government Resource ([email protected])
http://www.securityfocus.com/bid/78047 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1034255 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1034256 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1034257 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1034258 Third Party Advisory, VDB Entry ([email protected])
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151125-ci Issue Tracking, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/566724 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/78047 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034255 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034256 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034257 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1034258 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)

How SecUtils Interprets This CVE

SecUtils normalizes and enriches National Vulnerability Database (NVD) records by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and providing structured context for security teams. For cisco's affected products, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference data to enable rapid vulnerability prioritization and asset correlation. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for patch management, risk assessment, and security operations.