3 matches found
CVE-2014-7991
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager CM 10.01 and earlier does not properly validate the Subject Alternative Name SAN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a...
CVE-2014-7991
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager CM 10.01 and earlier does not properly validate the Subject Alternative Name SAN field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a...
CVE-2014-7991
The CVE-2014-7991 issue affects Cisco Unified Communications Manager (CM) Remote Mobile Access Subsystem for CM 10.0(1) and earlier. It stems from improper validation of the SAN field in TLS certificates, enabling a remote attacker to impersonate a VCS core device and perform MITM attacks when a ...