Credentials Management Errors
CVE-2014-0675
Summary
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published