Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0694

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-0694
Last Modified 14 Mar 2014 01:56:47
Published 14 Mar 2014 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-0694

Summary

Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC installation by leveraging knowledge of this key, aka Bug IDs CSCui34764, CSCui34772, CSCui34776, CSCui34798, CSCui34800, CSCui34805, CSCui34809, CSCui34810, CSCui34813, CSCui34814, and CSCui34818.

Vulnerable Systems

Application

  • Cisco Cloud Portal 9.1

  • Cisco Cloud Portal 9.3

  • Cisco Cloud Portal 9.3.1

  • Cisco Cloud Portal 9.3.2

  • Cisco Cloud Portal 9.4

  • Cisco Cloud Portal 9.4.1


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=33336

CISCO - 20140312 Cisco Intelligent Automation for Cloud Cryptographic Implementation Issues


Last Updated: 27 May 2016 11:04:40