Published: 23/01/2014 Updated: 29/08/2017

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Subscribe to Telepresence Video Communication Server

The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote malicious users to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco telepresence video communication server -

A vulnerability in the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to execute a man-in-the-middle (MITM) attack between one or more affected devices The vulnerability occurs because the same default SSL certificate is used across all Cisco TelePresence VCS Expressway devices An ...

CWE-255 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0675 http://tools.cisco.com/security/center/viewAlert.x?alertId=32540 http://osvdb.org/102377 http://www.securityfocus.com/bid/65101 http://www.securitytracker.com/id/1029682 http://secunia.com/advisories/56621 https://exchange.xforce.ibmcloud.com/vulnerabilities/90650 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140123-CVE-2014-0675

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-0675

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect