CVE-2014-3274

Published May 26, 2014
Last updated 3 months ago
CVSS info 4.3
Overview

Description: Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.
Source: ykramarz@cisco.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-310
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89820E2D-120B-4E92-95FE-7D4072C915F6",
            "versionEndIncluding": "6.0.5\\(5\\)"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.2.3\\(1101\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12193063-0545-402F-87E6-61023184F5EE"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.3.2\\(1393\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90D72D8E-0826-4716-A2EE-B934150EC5F1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.4.7\\(2229\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "494F0584-197E-4892-BD58-B574DBD090FD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.1\\(2082\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEAF862B-43D6-42A2-B710-ED803906F251"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.3\\(2115\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FA3E247-E67F-4237-AF71-FEB0528EC35F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C68D879E-4522-4069-84B7-ED7C511B9D05"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.11\\(3659\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C97CD7F-1ED4-4F44-BC53-5CC3871915B4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.12\\(3701\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45A3BE96-E4F8-4362-A18E-0EBCF4D65490"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.5.13\\(3717\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "679CFA7C-60D4-4369-905F-B52DCD321603"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.0\\(3954\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90C4668B-CB7C-44EB-B352-DED7C252EAD6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.2\\(4023\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BDB4EBF-C8A1-4CE6-B377-C09983BF3A21"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.3\\(4042\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43DAFA6C-2A25-499D-B11B-801F9031F2A5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.4\\(4072\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "456BF22C-3010-451F-853F-C46E94E954D2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.5\\(4097\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4A64D44-EC08-4601-93AC-6C02A4412D8C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.6\\(4109\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "090FA16C-ABF2-4464-8219-D7A8917A7ECC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.7\\(4212\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "774A9C95-8111-425B-A411-26F614384135"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.6.8\\(4222\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6D1A003-6593-4934-8518-CC40F3F8ACE3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.1\\(4764\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B98FCCA-923C-4501-9B06-70CB3731F49A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.0.2\\(4719\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29E0E9FC-EF3F-470A-93A4-CC9C7A71F6EC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.1\\(4864\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AE77C52-E526-4B48-8EFA-5F5C59956308"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2\\(4937\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF620174-5C3E-43AF-8AEB-B9DD87F8C451"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.2.1\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "315EDAEC-3C60-445A-9613-23D38E8C2873"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.4\\(270\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "551E171E-973F-47A5-8A7F-70062E76E9CD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43DB9A3E-F495-4D22-874F-DDFB73C07534"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2177AF2B-BF5C-431C-8899-88ECC4E91BC4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2DBBADC-6367-4F75-9F58-E42A05AC992C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFEAB6C5-3B65-42D0-B597-0322D9F57C82"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62CBB917-651A-4EB8-842D-0BEA708A1BFB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.4\\(13\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8BBAAC16-A2BE-4D8D-8DEA-9FD4BDA7E17B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.8.5\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8819E5D6-F369-4BD2-A816-94F7A919C4B9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34508470-64C3-4A99-BBB0-169AFA3BE50B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.0.1\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09D6BB57-FB29-4DBD-9974-7DE67695A416"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.1\\(68\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6570B01-07EB-425B-91E7-70517889A462"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE52CFC-2DE3-4780-9471-BA2390070C78"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.2\\(19\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68710E69-4FD8-4FED-9D7B-CE7317982E2F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68884D7C-6F29-4435-8904-C684959C9D4D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.3\\(44\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00737930-5F3C-4274-9633-00B3837ED6BC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52DDA787-1F51-415A-BF59-B9EAAE69EA2A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.4\\(19\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "995E5365-B6C3-4A4A-9F14-EADD27C8B9B8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BABEE2DD-7C86-4BD0-9928-DC370D3F786B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.5\\(7\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20831FBF-99C9-4B02-A577-6D28CC2983DD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79C69EA5-F5D2-4DC7-BE08-F0CBA967A249"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34600183-7CCF-4424-8887-8EC9ADD1B09E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53734B19-352E-40F4-9A7C-E1A545B511FF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4E70952-7132-4F2B-932F-56FAD2A89A96"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.0\\(259\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B3E2221-6FA5-4ABB-9102-414430E4865B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F861192D-6138-49D2-BF8A-2D10B863253A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.1\\(43\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E6F9075-05E8-4B02-94C3-6AC2D36F5979"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.2\\(42\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93666603-82A3-4E19-9BD1-4B0F39390992"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:1.10.3\\(41\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9ED6E73D-7510-44DB-ADDB-9F757F90232E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BF71FA2-B8FC-4AE7-A0FD-8A4FAA0FE510"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C315F74-11D0-42EF-84F7-A9747A8C03E1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.1\\(50\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18516CB9-5EE8-4CC3-ACC3-6A0DF29D1D4B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.2\\(28\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A03B63BB-9DE1-41F9-A993-8295C368F611"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.3\\(33\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E32AA0A3-88AD-40D9-BF87-0DB0C1C7DADB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_system_software:6.0.4\\(11\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45697A1C-B866-4BFE-8311-C82DDCE0A5C1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
