Vulnerability in Cisco Telepresence_video_communication_server
CVE-2014-0675
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle atta…
EPSS: 0.004 (63.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Telepresence_video_communication_server
- N/a — versions n/a
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- 65101 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- cisco-telepresence-cve20140675-mitm(90650) (vdb-entry, x_refsource_XF)
- 56621 (x_refsource_SECUNIA, third-party-advisory)
- 102377 (x_refsource_OSVDB, vdb-entry)
- 20140122 Cisco TelePresence Video Communication Server Expressway Default SSL Certificate Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 1029682 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)