Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.CISCO_TELEPRESENCE_MCU_CSCUP23994.NASL
HistoryJun 18, 2014 - 12:00 a.m.

Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL

2014-06-1800:00:00
This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
47
JSON

The remote Cisco TelePresence MCU device is running a software version known to be affected by multiple OpenSSL related vulnerabilities :

  • An error exists related to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could allow nonce disclosure via the ‘FLUSH+RELOAD’ cache side-channel attack. (CVE-2014-0076)

    • An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks.
      (CVE-2014-0224)

    • An unspecified error exists related to anonymous ECDH ciphersuites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(76131);
  script_version("1.8");
  script_cvs_date("Date: 2019/11/26");

  script_cve_id("CVE-2014-0076", "CVE-2014-0224", "CVE-2014-3470");
  script_bugtraq_id(66363, 67898, 67899);
  script_xref(name:"CERT", value:"978508");

  script_name(english:"Cisco TelePresence MCU Series Devices Multiple Vulnerabilities in OpenSSL");
  script_summary(english:"Checks TelePresence MCU device version.");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote Cisco TelePresence MCU device is running a software version
known to be affected by multiple OpenSSL related vulnerabilities :

- An error exists related to the implementation of the
    Elliptic Curve Digital Signature Algorithm (ECDSA) that
    could allow nonce disclosure via the 'FLUSH+RELOAD'
    cache side-channel attack. (CVE-2014-0076)

  - An unspecified error exists that could allow an
    attacker to cause usage of weak keying material
    leading to simplified man-in-the-middle attacks.
    (CVE-2014-0224)

  - An unspecified error exists related to anonymous ECDH
    ciphersuites that could allow denial of service
    attacks. Note this issue only affects OpenSSL TLS
    clients. (CVE-2014-3470)");
  # http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5539aa9d");
  script_set_attribute(attribute:"see_also", value:"https://www.openssl.org/news/secadv/20140605.txt");
  script_set_attribute(attribute:"solution", value:
"No known fixed version have been released. There are partial
workarounds detailed in the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-0224");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2014/06/05");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/06/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/18");

  script_set_attribute(attribute:"potential_vulnerability", value:"true");
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_mcu_mse_series_software");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_telepresence_mcu_detect.nasl");
  script_require_keys("Cisco/TelePresence_MCU/Version", "Settings/ParanoidReport");

  exit(0);
}

include("audit.inc");
include("cisco_func.inc");

device = get_kb_item_or_exit("Cisco/TelePresence_MCU/Device");
version = get_kb_item_or_exit("Cisco/TelePresence_MCU/Version");

if (version !~ "^[0-9.()]+$") exit(0, 'The version string is invalid or not applicable.');

# only affected if HTTPS admin interface is enabled
if (report_paranoia < 2) audit(AUDIT_PARANOID);

fix = '';
found_affected_device = FALSE;
vuln = FALSE;

if (
  device =~ " 42(0[35]|1[05]|20)($|[ \n\r])" || # 4200 series
  device =~ " 45(0[15]|1[05]|20)($|[ \n\r])" || # 4500 series
  device =~ " 53[12]0($|[ \n\r])" || # 5300 series
  device =~ " MSE 8420($|[ \n\r])" ||
  device =~ " MSE 8510($|[ \n\r])"
)
{
  found_affected_device = TRUE;
  if (
    cisco_gen_ver_compare(a:version, b:'4.0(1.18)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.0(1.44)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.0(1.49)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.0(1.54)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.1(1.51)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.1(1.59)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.2(1.43)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.2(1.46)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.2(1.50)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.3(1.68)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.3(2.18)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.3(2.30)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.3(2.32)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.4(3.42)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.4(3.49)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.4(3.54)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.4(3.57)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.4(3.67)') == 0 ||
    cisco_gen_ver_compare(a:version, b:'4.5(1.45)') == 0
  ) vuln = TRUE;
}

if (!found_affected_device) exit(0, "The remote TelePresence device is not affected.");

if (vuln) security_warning(0);
else audit(AUDIT_INST_VER_NOT_VULN, "Cisco TelePresence", version);
VendorProductVersionCPE
ciscotelepresence_mcu_mse_series_softwarecpe:/a:cisco:telepresence_mcu_mse_series_software

Related

nessus 71
openvas 31
suse 6
ibm 41
osv 2
debian 4
huawei 1
fortinet 1
intel 1
cisco 1
vmware 1
ics 1
freebsd 2
ubuntu 4
kaspersky 1
mageia 1
freebsd_advisory 1
f5 4
openssl 2
aix 1
checkpoint_advisories 1
cve 2
seebug 1
veracode 2
ubuntucve 2
prion 2
mariadbunix 1
securityvulns 2
debiancve 2
threatpost 2
arista 1
centos 1
cert 1
amazon 1
nodejsblog 1
nessus
nessus
Cisco Windows Jabber Client Multiple Vulnerabilities in OpenSSL (cisco-sa-20140605-openssl)
2014-06-18 00:00:00
Xerox ColorQube 8570 / 8870 Multiple Vulnerabilities (XRX15OA)
2015-11-03 00:00:00
Cisco ONS 15400 Series Devices Multiple Vulnerabilities in OpenSSL
2014-06-18 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0761-1)
2021-06-09 00:00:00
SUSE: Security Advisory for OpenSSL (SUSE-SU-2014:0761-1)
2015-10-16 00:00:00
Debian: Security Advisory (DLA-0003-1)
2023-03-08 00:00:00
suse
suse
Security update for OpenSSL (critical)
2014-06-06 01:05:59
Security update for OpenSSL (critical)
2014-06-06 00:04:19
Security update for OpenSSL (critical)
2014-06-07 01:04:17
ibm
ibm
Security Bulletin: Rational RequisitePro affected by OpenSSL vulnerabilities (CVE-2014-0224, CVE-2014-3470)
2019-10-24 21:46:41
Security Bulletin: IBM Flex System Manager (FSM) is affected by OpenSSL vulnerabilities: (CVE-2014-0224, CVE-2014-3470)
2019-01-31 01:25:01
Security Bulletin: Security vulnerabilities have been identified in IBM WebSphere MQ (CVE-2014-0224, CVE-2014-3470), Websphere Message Broker and IBM Integration Bus (CVE-2014-0224) shipped with Predictive Maintenance and Quality
2018-06-15 22:33:16
osv
osv
openssl - security update
2014-06-05 00:00:00
openssl - security update
2014-06-05 00:00:00
debian
debian
openssl security update
2014-06-05 19:36:04
openssl security update
2014-06-05 19:36:19
[SECURITY] [DSA 2950-2] openssl update
2014-06-16 18:21:12
huawei
huawei
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
2014-06-13 00:00:00
fortinet
fortinet
Multiple Vulnerabilities in OpenSSL
2014-06-06 00:00:00
intel
intel
Multiple Security Issues with Intel® Manycore Platform Software Stack (Intel® MPSS) release 3.x
2014-08-26 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
2014-06-05 22:40:00
vmware
vmware
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
ics
ics
Siemens OpenSSL Vulnerabilities (Update G)
2018-08-29 12:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2014-06-05 00:00:00
OpenSSL -- Local Information Disclosure
2014-04-07 00:00:00
ubuntu
ubuntu
OpenSSL regression
2014-08-18 00:00:00
OpenSSL vulnerabilities
2014-06-05 00:00:00
OpenSSL regression
2014-06-12 00:00:00
kaspersky
kaspersky
KLA10382 Multiple vulnerabilities in VMware
2014-06-10 00:00:00
mageia
mageia
Updated openssl packages fix multiple vulnerabilties
2014-06-06 14:31:01
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:14.openssl
2014-06-05 00:00:00
f5
f5
SOL15295 - OpenSSL vulnerability CVE-2014-0076
2014-05-29 00:00:00
SOL15342 - OpenSSL vulnerability CVE-2014-3470
2014-06-16 00:00:00
K15342 : OpenSSL vulnerability CVE-2014-3470
2014-08-13 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2014-0076
2014-02-14 00:00:00
Vulnerability in OpenSSL CVE-2014-3470
2014-05-30 00:00:00
aix
aix
AIX OpenSSL Vulnerabilities (Multiple CVEs)
2014-06-11 06:39:27
checkpoint_advisories
checkpoint_advisories
OpenSSL Anonymous ECDH Denial of Service (CVE-2014-3470)
2014-06-10 00:00:00
cve
cve
CVE-2014-3470
2014-06-05 21:55:00
CVE-2014-0076
2014-03-25 13:25:00
seebug
seebug
OpenSSL ECDSA Nonces恢复漏洞
2014-03-25 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Null Pointer Dereference
2017-02-07 02:02:21
Side-channel Timing Attack
2017-02-08 02:53:24
ubuntucve
ubuntucve
CVE-2014-3470
2014-06-05 00:00:00
CVE-2014-0076
2014-03-25 00:00:00
prion
prion
Null pointer dereference
2014-06-05 21:55:00
Design/Logic Flaw
2014-03-25 13:25:00
mariadbunix
mariadbunix
CVE-2014-3470
2014-06-05 21:55:07
securityvulns
securityvulns
OpenSSL multiple security vulnerabilities
2014-06-06 00:00:00
ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities
2014-08-26 00:00:00
debiancve
debiancve
CVE-2014-3470
2014-06-05 21:55:00
CVE-2014-0076
2014-03-25 13:25:00
threatpost
threatpost
Second NSA Crypto Tool Found in RSA BSafe
2014-03-31 15:59:27
SSL Pulse Scans Quantify Vulnerable OpenSSL Servers
2014-06-13 14:05:55
arista
arista
Security Advisory 0005
2014-06-09 00:00:00
centos
centos
openssl security update
2014-06-06 01:40:21
cert
cert
OpenSSL is vulnerable to a man-in-the-middle attack
2014-06-05 00:00:00
amazon
amazon
Important: openssl098e
2014-06-05 15:38:00
nodejsblog
nodejsblog
OpenSSL and Breaking UTF-8 Change (fixed in Node v0.8.27 and v0.10.29)
2014-06-16 00:00:00
JSON
Related for CISCO_TELEPRESENCE_MCU_CSCUP23994.NASL
nessus71openvas31suse6ibm41osv2debian4huawei1fortinet1intel1cisco1vmware1ics1freebsd2ubuntu4kaspersky1mageia1freebsd_advisory1f54openssl2aix1checkpoint_advisories1cve2seebug1veracode2ubuntucve2prion2mariadbunix1securityvulns2debiancve2threatpost2arista1centos1cert1amazon1nodejsblog1