Sensitive Credential Exposure in Cisco-Meraki Devices
CVE-2014-7993

Currently unrated

Key Information:

Vendor: Cisco
Status: Meraki Mx Firmware
Vendor: CVE Published:; 24 December 2014

Summary

Cisco-Meraki MS, MR, and MX devices with firmware versions prior to September 24, 2014, are susceptible to a vulnerability that allows remote attackers to gain access to sensitive credential information. This issue arises from the exploitation of an unspecified HTTP handler, which can be leveraged by an attacker on the local network to compromise security and access confidential data.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://dashboard.meraki.com/firmware_security

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Oct 8, 2014