On September 23, Cisco announced a security advisory for a vulnerability in the SSH version 2 (SSHv2) protocol implementation of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to bypass user authentication. Successful exploitation could allow the attacker to log in with the privileges of the user or the privileges configured for the Virtual Teletype (VTY) line.


This vulnerability is documented in CVE ID CVE-2015-6280. The Common Vulnerability Scoring System (CVSS) temporal score for this vulnerability is 7.7.


The September 2015 edition of SteelCentral NetAuditor Advisory Service update is now available for versions 18.0.2, and 18.0.3. This update includes a security advisory rule for identifying devices affected by this vulnerability.


  • New Security Advisory Rule
    • IOS and IOS XE SSHv2 RSA-Based User Authentication Bypass Vulnerability (cisco-sa-20150923-sshpk)


You can download this update directly from NetAuditor by:

  • Manually selecting NetDoctor / Advisories / Download Now, or
  • Adding an automation step to download new update.
    See user guide section: "Modules / NetDoctor / SteelCentral NetAuditor Advisory Service"


You can also download the patch installer from the SAS Website (requires login).


Please contact Riverbed Technical Support with your questions/comments.



NetAuditor Product Management