SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cisco Cloud Portal Vendors:   Cisco
Cisco Cloud Portal Discloses Cryptographic Material That Lets Remote Users Decrypt Data
SecurityTracker Alert ID:  1029915
SecurityTracker URL:  http://securitytracker.com/id/1029915
CVE Reference:   CVE-2014-0694   (Links to External Site)
Date:  Mar 13 2014
Impact:   Disclosure of authentication information
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Cloud Portal. A local user can obtain cryptographic material. A remote user with access to the cryptographic material can then decrypt data.

The Cisco Intelligent Automation for Cloud (Cisco IAC) binaries include fixed cryptographic material. A remote user that can access encrypted data from the target Cisco IAC installation can decrypt the data.

The vendor has assigned Bug IDs CSCui34764, CSCui34772, CSCui34776, CSCui34798, CSCui34800, CSCui34805, CSCui34809, CSCui34810, CSCui34813, CSCui34814, and CSCui34818 to this vulnerability.

Impact:   A user can obtain cryptographic material and use that to decrypt data.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0694

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0694 (Links to External Site)
Cause:   Not specified

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC