CVE-2014-0675

CVE Database · CVE-2014-0675

CVE-2014-0675

· N/AModified

CVSS v3.1

N/A

EPSS

1.60%

Published

Jan 23, 2014

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471.

Weaknesses (CWE)

CWE-255

Affected Products (1)

cisco · telepresence_video_communication_servervulnerable

References (14)

http://osvdb.org/102377

http://secunia.com/advisories/56621

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0675

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=32540

Vendor Advisory

http://www.securityfocus.com/bid/65101

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029682

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/90650

http://osvdb.org/102377

KEV Catalog EPSS Scores Vendors All CVEs