Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2014-0737

Published: 22/02/2014 Updated: 06/03/2014
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Cisco

Vulnerability Summary

The Cisco Unified IP Phone 7960G 9.2(1) and previous versions allows remote malicious users to bypass authentication and change trust relationships by injecting a Certificate Trust List (CTL) file, aka Bug ID CSCuj66795.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco unified ip phone 7960g

Vendor Advisories

Cisco: Cisco Third-Generation IP Phone CTL Trust Chain Enforcement Vulnerability
A vulnerability in Certificate Trust List (CTL) authentication of Cisco third-generation IP phones could allow an unauthenticated, remote attacker to inject a crafted CTL file to the IP phone The vulnerability is due to insufficient authentication of the CTL file An attacker could exploit this vulnerability by injecting a crafted CTL file to the ...

References

CWE-287http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0737http://tools.cisco.com/security/center/viewAlert.x?alertId=32957https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140221-CVE-2014-0737
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook