CVE-2014-0694

Published Mar 14, 2014

Last updated 11 years ago

Overview

Description: Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC installation by leveraging knowledge of this key, aka Bug IDs CSCui34764, CSCui34772, CSCui34776, CSCui34798, CSCui34800, CSCui34805, CSCui34809, CSCui34810, CSCui34813, CSCui34814, and CSCui34818.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-255

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26D4A390-4F2E-4978-B2EE-D69315C19D94",
            "versionEndIncluding": "9.4.1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.1:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B42A12C4-FBA7-4A24-BD71-652DB9329766"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.1:sp2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "257939F1-2806-48FC-A553-FBB8F974D041"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.1:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D064F97D-C82A-4834-B331-320FC769EBBF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "687EF522-0EDA-4572-B41C-5BEC96B93948"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C79C4C7F-A148-41CB-A80F-285CAFD9599E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D66F9DC-FDBB-471B-8453-5452A7C5D124"
          },
          {
            "criteria": "cpe:2.3:a:cisco:cloud_portal:9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB10A254-3C6F-45B5-BBE8-9970366CEE9E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References