Описание
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-0675
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90650
- http://osvdb.org/102377
- http://secunia.com/advisories/56621
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0675
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32540
- http://www.securityfocus.com/bid/65101
- http://www.securitytracker.com/id/1029682
EPSS
CVE ID
Связанные уязвимости
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.
EPSS