Cisco Virtual WSA/ESA/SMA remote-support功能默认SSH主机密钥漏洞(CVE-2015-4217)
发布日期:2015-06-15
更新日期:2015-06-29
受影响系统:
Cisco Content Security Management Virtual Appliance 8.4 .0.0150
Cisco Email Security Virtual Appliance 9.1 .0
Cisco Email Security Virtual Appliance 9.0 .0
Cisco Email Security Virtual Appliance 8.5 .7
Cisco Email Security Virtual Appliance 8.5 .6
Cisco Email Security Virtual Appliance 8.0 .0
Cisco Web Security Virtual Appliance 8.7 .0
Cisco Web Security Virtual Appliance 8.6 .0
Cisco Web Security Virtual Appliance 8.5 .0
Cisco Web Security Virtual Appliance 8.5 .1
Cisco Web Security Virtual Appliance 8.0 .5
Cisco Web Security Virtual Appliance 7.7 .5
描述:
CVE(CAN) ID: CVE-2015-4217
思科是全球领先的互联网解决方案供应商。
Cisco WSAv, ESAv, SMAv设备中,remote-support功能使用了相同的默认SSH主机密钥,这可使未经身份验证的远程攻击者解密并模拟任意虚拟内容安全设备之间的通讯。
<*来源:Cisco
链接:?alertId=39461
*>
建议:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20150625-ironport)以及相应补丁:
cisco-sa-20150625-ironport:Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA
链接: