CVE-2015-6418
Severity
4.3MEDIUM
EPSS
0.4%
top 40.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 13
Latest updateMay 17
Description
The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.
CVSS vector
AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9
Affected Packages7 packages
🔴Vulnerability Details
2📋Vendor Advisories
1Cisco▶
Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability↗2015-12-11