5 - VU#566724

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Embedded devices use non-unique X.509 certificates and SSH host keys

Informations
Name	VU#566724	First vendor Publication	2015-11-25
Vendor	VU-CERT	Last vendor Modification	2015-12-17
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Original Source

Url : http://www.kb.cert.org/vuls/id/566724

CWE : Common Weakness Enumeration

%	Id	Name
40 %	CWE-200	Information Exposure
20 %	CWE-798	Use of Hard-coded Credentials (CWE/SANS Top 25)
20 %	CWE-310	Cryptographic Issues
20 %	CWE-295	Certificate Issues

CPE : Common Platform Enumeration

Type	Description	Count
Os	Cisco Pvc2300 Firmware cpe:2.3:o:cisco:pvc2300_firmware:1.1.2.6:::::::*	1
Os	Cisco Rtp300 Firmware cpe:2.3:o:cisco:rtp300_firmware:3.1.24:::::::*	1
Os	Cisco Rv120W Firmware cpe:2.3:o:cisco:rv120w_firmware:1.0.5.9:::::::* cpe:2.3:o:cisco:rv120w_firmware:1.0.5.8:::::::*	2
Os	Cisco Rv180 Firmware cpe:2.3:o:cisco:rv180_firmware:1.0.5.4:::::::* cpe:2.3:o:cisco:rv180_firmware:1.0.3.10:::::::*	2
Os	Cisco Rv180W Firmware cpe:2.3:o:cisco:rv180w_firmware:1.0.5.4:::::::* cpe:2.3:o:cisco:rv180w_firmware:-:::::::*	2
Os	Cisco Rv220W Firmware cpe:2.3:o:cisco:rv220w_firmware:1.0.4.17:::::::* cpe:2.3:o:cisco:rv220w_firmware:-:::::::*	2
Os	Cisco Rv315W Firmware cpe:2.3:o:cisco:rv315w_firmware:1.01.03:::::::*	1
Os	Cisco Rv320 Firmware cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:::::::* cpe:2.3:o:cisco:rv320_firmware:::::::: cpe:2.3:o:cisco:rv320_firmware:-:::::::*	3
Os	Cisco Rv325 Firmware cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:::::::* cpe:2.3:o:cisco:rv325_firmware:::::::: cpe:2.3:o:cisco:rv325_firmware:-:::::::*	3
Os	Cisco Rvs4000 Firmware cpe:2.3:o:cisco:rvs4000_firmware:2.0.3.4:::::::* cpe:2.3:o:cisco:rvs4000_firmware:2.0.3.2:::::::* cpe:2.3:o:cisco:rvs4000_firmware:2.0.2.7:::::::* cpe:2.3:o:cisco:rvs4000_firmware:2.0.0.3:::::::* cpe:2.3:o:cisco:rvs4000_firmware:1.3.3.5:::::::* cpe:2.3:o:cisco:rvs4000_firmware:1.3.2.0:::::::*	6
Os	Cisco Spa400 Firmware cpe:2.3:o:cisco:spa400_firmware:1.1.2.2:::::::*	1
Os	Cisco Srp520 Firmware cpe:2.3:o:cisco:srp520_firmware:1.01.29:::::::*	1
Os	Cisco srp520-U Firmware cpe:2.3:o:cisco:srp520-u_firmware:1.2.6:::::::*	1
Os	Cisco Srw224P Firmware cpe:2.3:o:cisco:srw224p_firmware:2.0.2.4:::::::*	1
Os	Cisco Wap200 Firmware cpe:2.3:o:cisco:wap200_firmware:2.0.6.0:::::::*	1
Os	Cisco Wap2000 Firmware cpe:2.3:o:cisco:wap2000_firmware:2.0.8.0:::::::*	1
Os	Cisco Wap4400N Firmware cpe:2.3:o:cisco:wap4400n_firmware:-:::::::*	1
Os	Cisco Wap4410N Firmware cpe:2.3:o:cisco:wap4410n_firmware:2.0.7.8:::::::* cpe:2.3:o:cisco:wap4410n_firmware:2.0.6.1:::::::* cpe:2.3:o:cisco:wap4410n_firmware:2.0.4.2:::::::* cpe:2.3:o:cisco:wap4410n_firmware:2.0.3.3:::::::* cpe:2.3:o:cisco:wap4410n_firmware:2.0.2.1:::::::*	5
Os	Cisco Wet200 Firmware cpe:2.3:o:cisco:wet200_firmware:2.0.8.0:::::::*	1
Os	Cisco Wrp500 Firmware cpe:2.3:o:cisco:wrp500_firmware:1.0.1.002:::::::*	1
Os	Cisco Wrv200 Firmware cpe:2.3:o:cisco:wrv200_firmware:1.0.39:::::::*	1
Os	Cisco Wrv210 Firmware cpe:2.3:o:cisco:wrv210_firmware:2.0.1.5:::::::*	1
Os	Cisco Wrvs4400N Firmware cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.2.2:::::::* cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.2.1:::::::* cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.1.3:::::::* cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.13:::::::* cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.03:::::::*	5
Os	Cisco Wvc2300 Firmware cpe:2.3:o:cisco:wvc2300_firmware:1.1.2.6:::::::*	1
Os	Technicolor C2000T Firmware cpe:2.3:o:technicolor:c2000t_firmware:-:::::::*	1
Os	Technicolor C2100T Firmware cpe:2.3:o:technicolor:c2100t_firmware:-:::::::*	1
Os	Unify Openscape Desk Phone Ip 35G Eco Sip Firmware cpe:2.3:o:unify:openscape_desk_phone_ip_35g_eco_sip_firmware:3.0:::::::*	1
Os	Unify Openscape Desk Phone Ip 35G Hfa Firmware cpe:2.3:o:unify:openscape_desk_phone_ip_35g_hfa_firmware:3.0:::::::*	1
Os	Unify Openscape Desk Phone Ip 35G Sip Firmware cpe:2.3:o:unify:openscape_desk_phone_ip_35g_sip_firmware:3.0:::::::*	1
Os	Unify Openscape Desk Phone Ip 55G Hfa Firmware cpe:2.3:o:unify:openscape_desk_phone_ip_55g_hfa_firmware:3.0:::::::*	1
Os	Unify Openscape Desk Phone Ip 55G Sip Firmware cpe:2.3:o:unify:openscape_desk_phone_ip_55g_sip_firmware:3.0:::::::*	1
Os	Unify Openstage 15 Firmware cpe:2.3:o:unify:openstage_15_firmware:3.0:::::::*	1
Os	Unify Openstage 20 Firmware cpe:2.3:o:unify:openstage_20_firmware:3.0:::::::*	1
Os	Unify Openstage 20E Firmware cpe:2.3:o:unify:openstage_20e_firmware:3.0:::::::*	1
Os	Unify Openstage 40 Firmware cpe:2.3:o:unify:openstage_40_firmware:3.0:::::::*	1
Os	Unify Openstage 60 Firmware cpe:2.3:o:unify:openstage_60_firmware:3.0:::::::*	1
Os	Zte gan9.8T101A-B Firmware cpe:2.3:o:zte:gan9.8t101a-b_firmware:-:::::::*	1
Os	Zte Hg110 Firmware cpe:2.3:o:zte:hg110_firmware:-:::::::*	1
Os	Zte Mf28G Firmware cpe:2.3:o:zte:mf28g_firmware:-:::::::*	1
Os	Zte Ox-330P Firmware cpe:2.3:o:zte:ox-330p_firmware:-:::::::*	1
Os	Zte W300V1.0.0S Zrd Tr1 D68 Firmware cpe:2.3:o:zte:w300v1.0.0s_zrd_tr1_d68_firmware:-:::::::*	1
Os	Zte Zxhn H108N Firmware cpe:2.3:o:zte:zxhn_h108n_firmware:-:::::::*	1
Os	Zyxel C1000Z Firmware cpe:2.3:o:zyxel:c1000z_firmware:-:::::::*	1
Os	Zyxel Fr1000Z Firmware cpe:2.3:o:zyxel:fr1000z_firmware:-:::::::*	1
Os	Zyxel gs1900-24 Firmware cpe:2.3:o:zyxel:gs1900-24_firmware:-:::::::*	1
Os	Zyxel gs1900-8 Firmware cpe:2.3:o:zyxel:gs1900-8_firmware:-:::::::*	1
Os	Zyxel nwa1100-N Firmware cpe:2.3:o:zyxel:nwa1100-n_firmware:-:::::::*	1
Os	Zyxel nwa1100-Nh Firmware cpe:2.3:o:zyxel:nwa1100-nh_firmware:-:::::::*	1
Os	Zyxel nwa1121-Ni Firmware cpe:2.3:o:zyxel:nwa1121-ni_firmware:-:::::::*	1
Os	Zyxel nwa1123-Ac Firmware cpe:2.3:o:zyxel:nwa1123-ac_firmware:-:::::::*	1
Os	Zyxel nwa1123-Ni Firmware cpe:2.3:o:zyxel:nwa1123-ni_firmware:-:::::::*	1
Os	Zyxel P-660hn-51 Firmware cpe:2.3:o:zyxel:p-660hn-51_firmware:-:::::::*	1
Os	Zyxel P-663hn-51 Firmware cpe:2.3:o:zyxel:p-663hn-51_firmware:-:::::::*	1
Os	Zyxel P8702N Firmware cpe:2.3:o:zyxel:p8702n_firmware:-:::::::*	1
Os	Zyxel pmg5318-B20A Firmware cpe:2.3:o:zyxel:pmg5318-b20a_firmware:-:::::::*	1
Os	Zyxel Q1000 Firmware cpe:2.3:o:zyxel:q1000_firmware:-:::::::*	1
Os	Zyxel sbg3300-N000 Firmware cpe:2.3:o:zyxel:sbg3300-n000_firmware:-:::::::*	1
Os	Zyxel sbg3300-Nb00 Firmware cpe:2.3:o:zyxel:sbg3300-nb00_firmware:-:::::::*	1
Os	Zyxel sbg3500-N000 Firmware cpe:2.3:o:zyxel:sbg3500-n000_firmware:-:::::::*	1
Os	Zyxel vmg1312-B10A Firmware cpe:2.3:o:zyxel:vmg1312-b10a_firmware:-:::::::*	1
Os	Zyxel vmg1312-B30A Firmware cpe:2.3:o:zyxel:vmg1312-b30a_firmware:-:::::::*	1
Os	Zyxel vmg1312-B30B Firmware cpe:2.3:o:zyxel:vmg1312-b30b_firmware:-:::::::*	1
Os	Zyxel vmg4380-B10A Firmware cpe:2.3:o:zyxel:vmg4380-b10a_firmware:-:::::::*	1
Os	Zyxel vmg8324-B10A Firmware cpe:2.3:o:zyxel:vmg8324-b10a_firmware:-:::::::*	1
Os	Zyxel vmg8924-B10A Firmware cpe:2.3:o:zyxel:vmg8924-b10a_firmware:-:::::::*	1
Os	Zyxel vmg8924-B30A Firmware cpe:2.3:o:zyxel:vmg8924-b30a_firmware:-:::::::*	1
Os	Zyxel vsg1435-B101 Firmware cpe:2.3:o:zyxel:vsg1435-b101_firmware:-:::::::*	1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2017-10-12 21:25:19	Multiple Updates
2017-09-28 09:24:45	Multiple Updates
2017-09-26 05:25:09	Multiple Updates
2017-09-12 21:25:35	Multiple Updates
2017-08-30 00:25:11	Multiple Updates
2015-12-17 17:23:01	Multiple Updates
2015-12-01 21:23:04	Multiple Updates
2015-12-01 17:22:43	Multiple Updates
2015-11-25 17:24:12	First insertion

Global Informations

Type	Count
CWE ID(s)	5
CPE ID(s)	88

	Related
7.5	CVE-2015-7255
5.9	CVE-2015-8251
5.9	CVE-2015-7276
5.9	CVE-2015-7256
5.9	CVE-2015-6358
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 5 more Alert(s)

5 - VU#566724

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Alert History

Global Informations

Open Standards

COMPANY

STANDARDS

RECENT POSTS

MENU