Vulnerability CVE-2014-7991

Vulnerability Name:

CVE-2014-7991 (CCN-98574)

Assigned:

2014-11-10

Published:

2014-11-10

Updated:

2017-09-08

Summary:

The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-310

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2014-7991

Source: SECUNIA
Type: UNKNOWN
62267

Source: CCN
Type: Cisco Security Notice
Cisco Unified Communications Manager Remote Mobile Access Subsystem Vulnerability

Source: CISCO
Type: Vendor Advisory
20141110 Cisco Unified Communications Manager Remote Mobile Access Subsystem Vulnerability

Source: CONFIRM
Type: Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=36381

Source: BID
Type: UNKNOWN
71013

Source: CCN
Type: BID-71013
Cisco Unified Communications Manager TLS Certificate Validation Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1031181

Source: XF
Type: UNKNOWN
cisco-ucm-cve20147991-spoofing(98574)

Source: XF
Type: UNKNOWN
cisco-ucm-cve20147991-spoofing(98574)

Vulnerable Configuration:

Configuration 1:

cpe:/a:cisco:unified_communications_manager:10.0:*:*:*:*:*:*:*

OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* (Version <= 10.0(1))

Configuration CCN 1:

cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK