4.3
CVE-2014-3274
- EPSS 0.38%
- Veröffentlicht 26.05.2014 00:25:31
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Telepresence System Software Version <= 6.0.5\(5\)
Cisco ≫ Telepresence System Software Version1.9.2
Cisco ≫ Telepresence System Software Version1.9.3
Cisco ≫ Telepresence System Software Version1.9.4
Cisco ≫ Telepresence System Software Version1.9.5
Cisco ≫ Telepresence System Software Version1.9.6
Cisco ≫ Telepresence System Software Version1.10.0
Cisco ≫ Telepresence System Software Version1.10.1
Cisco ≫ Telepresence System Software Version4.0.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.587 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|