Published: 28/09/2015 Updated: 04/01/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E prior to 3.6.3E, 3.7E prior to 3.7.1E, 3.10S prior to 3.10.6S, 3.11S prior to 3.11.4S, 3.12S prior to 3.12.3S, 3.13S prior to 3.13.3S, and 3.14S prior to 3.14.1S does not properly implement RSA authentication, which allows remote malicious users to obtain login access by leveraging knowledge of a username and the associated public key, aka Bug ID CSCus73013.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco ios 15.2\\(2\\)e
cisco ios 15.4\\(1\\)s
cisco ios 15.4\\(2\\)s
cisco ios 15.4\\(2\\)t
cisco ios 15.4\\(1\\)t2
cisco ios 15.4\\(1\\)t1
cisco ios 15.4\\(1\\)t3
cisco ios 15.5\\(1\\)s
cisco ios 15.4\\(3\\)m1
cisco ios 15.4\\(2\\)t2
cisco ios 15.3\\(3\\)s
cisco ios 15.2\\(1\\)sy
cisco ios 15.3\\(3\\)m2
cisco ios 15.3\\(3\\)m5
cisco ios 15.4\\(3\\)s
cisco ios 15.3\\(3\\)m4
cisco ios 15.3\\(3\\)s5
cisco ios 15.5\\(1\\)t
cisco ios 15.4\\(2\\)t1
cisco ios 15.4\\(3\\)s1
cisco ios 15.4\\(3\\)s2
cisco ios 15.2\\(2a\\)e1
cisco ios xe 3.10s.1
cisco ios xe 3.10s.0a
cisco ios xe 3.11s.0
cisco ios xe 3.11s.3
cisco ios xe 3.13s.1
cisco ios xe 3.14s.0
cisco ios 15.4\\(3\\)m2
cisco ios 15.4\\(2\\)s2
cisco ios xe 3.11s.1
cisco ios xe 3.12s.0
cisco ios xe 3.11s.2
cisco ios xe 3.13s.0
cisco ios xe 3.10s.3
cisco ios xe 3.10s.01
cisco ios xe 3.6e.0a
cisco ios xe 3.6e.0b
cisco ios xe 3.6e.2a
cisco ios 15.4\\(3\\)m
cisco ios 15.3\\(3\\)s1
cisco ios 15.3\\(3\\)s2
cisco ios 15.3\\(3\\)s3
cisco ios 15.2\\(3\\)e
cisco ios 15.4\\(1\\)s2
cisco ios 15.4\\(2\\)s1
cisco ios 15.4\\(1\\)cg1
cisco ios 15.4\\(2\\)cg
cisco ios 15.2\\(3a\\)e
cisco ios 15.2\\(2\\)ea1
cisco ios 15.2\\(3\\)ea
cisco ios 15.2\\(1\\)sy0a
cisco ios xe 3.12s.1
cisco ios xe 3.12s.2
cisco ios xe 3.6e.0
cisco ios xe 3.6e.1
cisco ios 15.4\\(1\\)t
cisco ios 15.3\\(3\\)m1
cisco ios 15.3\\(3\\)m3
cisco ios 15.3\\(3\\)s4
cisco ios 15.4\\(1\\)cg
cisco ios 15.3\\(3\\)s1a
cisco ios 15.4\\(1\\)s1
cisco ios 15.2\\(2\\)e1
cisco ios 15.4\\(1\\)s3
cisco ios 15.2\\(2\\)e2
cisco ios 15.2\\(2a\\)e2
cisco ios xe 3.10s.0
cisco ios xe 3.10s.2
cisco ios xe 3.10s.4
cisco ios xe 3.10s.5
cisco ios xe 3.13s.2
cisco ios xe 3.7e.0
cisco ios xe 3.6e.2

A vulnerability in the SSH version 2 (SSHv2) protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configured for the Virtual Teletype (VTY) line Depending ...

CWE-287 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk/cvrf/cisco-sa-20150923-sshpk_cvrf.xml http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk http://www.securitytracker.com/id/1033646 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150923-sshpk

CVE-2015-6280

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect