Cryptographic Key Exposure in Cisco Cloud Portal Software
CVE-2014-0694

Currently unrated

Key Information:

Vendor: Cisco
Status: Cloud Portal
Vendor: CVE Published:; 14 March 2014

Summary

Cisco Cloud Portal versions prior to 9.4.1 exhibit vulnerabilities due to improper handling of cryptographic keys embedded in binary files. This misconfiguration allows remote attackers to acquire sensitive cleartext data from any affected installation, potentially compromising the confidentiality of information processed by the Intelligent Automation for Cloud software. Various related bug IDs highlight specific instances of this vulnerability, underscoring the need for timely remediation and security best practices.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 14, 2014
Vulnerability Reserved
Jan 2, 2014