CVE-2015-7256 Information
Feb 14, 2021
cve
Description
ZyXEL NWA1100-N NWA1100-NH NWA1121-NI NWA1123-AC and NWA1123-NI access points; P-660HN-51 P-663HN-51 VMG1312-B10A VMG1312-B30A VMG1312-B30B VMG4380-B10A VMG8324-B10A VMG8924-B10A VMG8924-B30A and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000 SBG3300-NB00 and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z Q1000 FR1000Z and P8702N project models use non-unique X.509 certificates and SSH host keys.
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
http://www.kb.cert.org/vuls/id/566724 http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
5.9
Share on: