The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 02:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/78876 - | |
References | () http://www.securitytracker.com/id/1034408 - | |
References | () http://www.securitytracker.com/id/1034409 - |
Information
Published : 2015-12-13 03:59
Updated : 2024-11-21 02:34
NVD link : CVE-2015-6418
Mitre link : CVE-2015-6418
CVE.ORG link : CVE-2015-6418
JSON object : View
Products Affected
cisco
- sa540
- rv016_multi-wan_vpn_firmware
- rv042g_dual_gigabit_wan_vpn_firmware
- sa520
- rv042_dual_wan_vpn_router_firmware
- sa520w
- rv082_dual_wan_vpn_router_firmware
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor