2 matches found
Cisco TelePresence Video Communication Server Expressway Default SSL Certificate
The X.509 certificate of the remote host is known to ship by default with the remote service / device. The private key for this cert has been published, therefore the SSL communications done with the remote host cannot be considered secret as anyone with the ability to snoop the traffic between t...
CVE-2014-0675
Cisco TelePresence Video Communication Server (VCS) Expressway is affected by CVE-2014-0675 due to using the same default X.509 SSL certificate across multiple customers, with the private key published. This enables potential MITM-style interception across SSL sessions if an attacker can leverage...