CVE-2014-0675

The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.

Severity	MEDIUM
CVSS	6.4
CWE	CWE-255
KEV
Published	12 years ago
Modified	2 weeks ago

Related Products

Product	Advisory	Evidence
Cisco TelePresence Video Communication Server (VCS) Expressway	Cisco-SA-20140123-CVE-2014-0675	Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS)	Cisco-SA-20140123-CVE-2014-0675	Cisco OpenVuln
Cisco TelePresence	Cisco-SA-20140123-CVE-2014-0675	Cisco OpenVuln