HIGH✓ PATCH🇬🇧 English

CVE-2014-2198

CVSS 10.0v2.0pub. 2014-07-07upd. 2026-05-06

Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Cisco Unified Cdm Platform Software

    APP
    Cisco
    ≤ 4.4
  • Cisco Unified Communications Domain Manager

    APP
    Cisco
    wszystkie wersje
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2018-0124CRITICAL9.8ten sam produkt

A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker...

CVE-2018-0364HIGH8.8ten sam produkt

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could all...

CVE-2014-3300HIGH7.5ten sam produkt

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Ap...

CVE-2014-2197HIGH9.0ten sam produkt

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CD...

CVE-2019-15968MEDIUM5.4ten sam produkt

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified ...