Vulnerability in Cisco Adaptive_security_appliance_software
CVE-2014-3394
The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certifica…
Vulnerability class: Improper Certificate Validation
EPSS: 0.001 (25.7th percentile) — read the EPSS interpretation.
Affected products
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 20141008 Multiple Vulnerabilities in Cisco ASA Software (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
Frequently asked questions
- What is CVE-2014-3394?
- CVE-2014-3394 is a vulnerability in Cisco Adaptive_security_appliance_software, classified under Improper Certificate Validation. Published 2014-10-10.
- Is CVE-2014-3394 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.