ID CVE-2014-2198 Type cve Reporter NVD Modified 2017-01-06T21:59:45
Description
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130.
{"title": "CVE-2014-2198", "reporter": "NVD", "enchantments": {"score": {"vector": "NONE", "value": 5.0}, "vulnersScore": 5.0}, "published": "2014-07-07T07:01:29", "cvelist": ["CVE-2014-2198"], "viewCount": 1, "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2198", "bulletinFamily": "NVD", "hashmap": [{"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "e47ebeaddc18d0fdc7c238955bcba8f1", "key": "cpe"}, {"hash": "5e828f988582a728655c5cfa4c0b8038", "key": "cvelist"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "ebbdafe17df7e77ec9be1c2b04bf40f9", "key": "description"}, {"hash": "dc1b9cd24c25a7ed2b9d84788b9613d6", "key": "href"}, {"hash": "df7e1cd079787bcf10fa3e49397bbffc", "key": "modified"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "d00cf6b12bdce4efd405f868b3ef4834", "key": "published"}, {"hash": "98181b8b8758e07fc5779b0f4e9e2803", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "debd5afd22cf1f5665dd6d3098e382bd", "key": "title"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}], "history": [{"bulletin": {"reporter": "NVD", "published": "2014-07-07T07:01:29", "cvelist": ["CVE-2014-2198"], "title": "CVE-2014-2198", "objectVersion": "1.2", "type": "cve", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2198", "bulletinFamily": "NVD", "id": "CVE-2014-2198", "history": [], "scanner": [], "cpe": ["cpe:/a:cisco:unified_communications_domain_manager:-", "cpe:/a:cisco:unified_cdm_platform_software:4.4"], "modified": "2014-07-07T13:36:14", "hash": "d2e9aed2aaf5ec9d3bed335ec7a37e0f2ccd10c643b5366b53fc18c1e3886b21", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "viewCount": 1, "edition": 1, "assessment": {"name": "", "href": "", "system": ""}, "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"], "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "debd5afd22cf1f5665dd6d3098e382bd", "key": "title"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "5e828f988582a728655c5cfa4c0b8038", "key": "cvelist"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f4c92dfb134bc1a8423db61b046f8323", "key": "references"}, {"hash": "5bde5604ea09d08b8093e553075e19d4", "key": "modified"}, {"hash": "ebbdafe17df7e77ec9be1c2b04bf40f9", "key": "description"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "d00cf6b12bdce4efd405f868b3ef4834", "key": "published"}, {"hash": "dc1b9cd24c25a7ed2b9d84788b9613d6", "key": "href"}, {"hash": "e47ebeaddc18d0fdc7c238955bcba8f1", "key": "cpe"}], "lastseen": "2016-09-03T20:11:49", "description": "Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130."}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T20:11:49"}], "scanner": [], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "modified": "2017-01-06T21:59:45", "hash": "026f9d4d05e5d4d2c6b9f0d17619f46c5057dde4bdd336b53347e4f90f611514", "cpe": ["cpe:/a:cisco:unified_communications_domain_manager:-", "cpe:/a:cisco:unified_cdm_platform_software:4.4"], "edition": 2, "description": "Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130.", "references": ["http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689", "http://www.securitytracker.com/id/1030515", "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm", "http://secunia.com/advisories/59544", "http://www.securityfocus.com/bid/68334"], "id": "CVE-2014-2198", "lastseen": "2017-04-18T15:54:42", "assessment": {"name": "", "href": "", "system": ""}}
{"securityvulns": [{"lastseen": "2018-08-31T11:09:56", "references": [], "description": "Default ssh-key, privilege escalation, SSRF.", "edition": 1, "reporter": "CISCO", "published": "2014-08-04T00:00:00", "title": "Cisco Unified Communications Domain Manager multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:56", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Unified CDM", "version": "4.4", "operator": "eq"}, {"name": "Unified CDM", "version": "8.1", "operator": "eq"}], "cvelist": ["CVE-2014-2197", "CVE-2014-3300", "CVE-2014-2198"], "modified": "2014-08-04T00:00:00", "id": "SECURITYVULNS:VULN:13907", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13907", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cisco": [{"lastseen": "2017-09-26T15:33:49", "_object_types": ["robots.models.base.Bulletin", "robots.models.cisco.CiscoBulletin"], "references": ["http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"], "description": "A vulnerability in the implementation of the framework that allows access to\nsupport representatives of the Cisco\nUnified Communications Domain Manager Platform Software could allow an unauthenticated,\nremote attacker to connect to the affected system with the privileges of\nthe root user.\n\nThe vulnerability is due to the presence of\na default SSH private key, which is stored in an insecure way on the system. An attacker could exploit this vulnerability by obtaining the SSH\nprivate key. For example, the attacker might reverse engineer the binary file of the operating system.\nThis will allow the attacker to connect by using the support account to the\nsystem without requiring any form of authentication. An exploit could allow the attacker to gain access to the system with the privileges of the root user.\n\nA vulnerability in the web framework of Cisco Unified Communications Domain Manager Application Software could allow an unauthenticated, remote attacker to access and modify BVSMWeb portal user information such as settings in the personal phone directory, speed dials, Single Number Reach, and call forward settings.\n\nThe vulnerability is due to improper implementation of authentication and authorization controls when accessing some web pages of the BVSMWeb portal. An attacker could exploit this vulnerability by submitting a crafted URL to the affected system.\n\nA vulnerability in the web framework of the\nCisco Unified Communications Domain Manager Application Software could allow an\nauthenticated, remote attacker to elevate privileges and gain\nadministrative access to the affected system.\n\nThe vulnerability\nis due to improper implementation of authentication and authorization\ncontrols of the Administration GUI. An attacker could exploit this\nvulnerability by submitting a crafted URL to change the administrative credentials of a user.\nThe attacker needs to be authenticated to the system or convince a valid user of the Administration GUI to click a\nmalicious link.\n\nCisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by the following vulnerabilities:\n\n Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability\n Cisco Unified Communications Domain Manager Default SSH Key Vulnerability \n Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability \n\nSuccessful exploitation of the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability or of the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability may allow an attacker\nto execute arbitrary commands or obtain privileged access to the affected system.\n\nSuccessful exploitation of the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may allow an attacker to access and modify BVSMWeb portal user information\nsuch settings in the personal phone directory, speed dials, Single Number Reach, and\ncall forward settings.\n\nCisco has released free software updates that address the Cisco Unified Communications Domain Manager Privilege Escalation Vulnerability and the\nCisco Unified Communications Domain Manager Default SSH Key Vulnerability. \n\nCisco will provide a free software update for the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability as soon as the fix is available.\n\nWorkarounds that mitigate these vulnerabilities are not available. Customers that are concerned about the Cisco Unified Communications Domain Manager BVSMWeb Unauthorized Data Manipulation Vulnerability may apply the\nmitigation detailed in the \"Workarounds\" section of this advisory. \n\nNote: Due to an error in the fix of the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability, all Cisco Unified CDM Platform Software releases are\nvulnerable regardless if a previous patch has been applied due to this security advisory. This advisory has been updated to provide additional information about the fix for the Cisco Unified Communications Domain Manager Default SSH Key Vulnerability.\n\nThis advisory is available at the following link:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm[\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm\"]", "reporter": "Cisco", "published": "2014-07-02T16:00:00", "type": "cisco", "title": "Multiple Vulnerabilities in Cisco Unified Communications Domain Manager", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "Cisco Unified Communications Domain Manager", "version": "any", "operator": "eq"}, {"name": "Cisco Unified Communications Domain Manager Platform", "version": "any", "operator": "eq"}], "cvelist": ["CVE-2014-2197", "CVE-2014-2198", "CVE-2014-3300"], "_object_type": "robots.models.cisco.CiscoBulletin", "modified": "2014-10-13T15:55:13", "id": "CISCO-SA-20140702-CUCDM", "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
