Home

CVE-2014-3403

Description

The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote attackers to spoof devices via crafted messages, aka Bug ID CSCuq22647.

Risk Information

Base Score
5.3
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.131

Associated Vulnerability

VulnerabilityOS Platform
Cisco IOS XE Software Autonomic Networking Infrastructure Certificate Validation Vulnerability For Cisco IOS XE SoftwareNCM
CVE-2014-3403NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1706107Security Update for Cisco IOS XE Software 5.2(1)SV5(1.3a)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234