Default SSH Root Authorized Key Reuse Vulnerability in Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) Devices

Default SSH Root Authorized Key Reuse Vulnerability in Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) Devices

CVE-2015-4216 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.

Learn more about our Cis Benchmark Audit For Cisco.