Authentication Bypass in Cisco Unified IP Phone 7960G
CVE-2014-0737

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phone 7960g
Vendor: CVE Published:; 22 February 2014

Summary

The vulnerability in the Cisco Unified IP Phone 7960G allows remote attackers to bypass authentication mechanisms. By injecting a malicious Certificate Trust List (CTL) file, an attacker can alter trust relationships, potentially leading to unauthorized access and manipulation of sensitive data and communications within the network. This issue poses significant security risks to organizations using affected versions of the device.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Feb 22, 2014
Vulnerability Reserved
Jan 2, 2014