Unrated severityNVD Advisory· Published Jun 26, 2015· Updated Jun 17, 2026
CVE-2015-4216
CVE-2015-4216
Description
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*
- (no CPE)range: < 2015-06-25
cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*
- (no CPE)range: < 2015-06-25
cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*
- (no CPE)range: < 2015-06-25
Patches
Vulnerability mechanics
References
4- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironportnvdVendor Advisory
- www.securityfocus.com/bid/75417nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032725nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032726nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.