Details of VAR-201410-0056

ID

VAR-201410-0056

CVE

CVE-2014-3394

TITLE

Cisco ASA Software Smart Call Home Vulnerabilities in certificate implementations that bypass certificate validation

Trust: 0.8

sources: JVNDB: JVNDB-2014-004668

DESCRIPTION

The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916. Vendors have confirmed this vulnerability Bug ID CSCun10916 It is released as.By any third party VeriSign Via certificates, certificate validation can be bypassed. Successfully exploiting this issue will allow an attacker to perform certain unauthorized actions. This may lead to other attacks. This issue is being tracked by Cisco Bug ID CSCun10916. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more. The following versions are affected: Cisco ASA Software 8.2 prior to 5.50, 8.4 prior to 8.4(7.15), 8.6 prior to 8.6(1.14), 8.7 prior to 8.7(1.13), 9.0 prior to 9.0(4.8), 9.1( 5.1) Prior to version 9.1

Trust: 2.07

sources: NVD: CVE-2014-3394 // JVNDB: JVNDB-2014-004668 // BID: 70299 // VULHUB: VHN-71334 // VULMON: CVE-2014-3394

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.2.8	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.1.11	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.40	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.48	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.41	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.46	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.2	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.1.3	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.2.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.4.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.4.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2.16	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.7.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.2.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security virtual appliance	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.3.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.4.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.4.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.3.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.12	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.3.9	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.2.17	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4.5.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.33	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.13	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6.1.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.26	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.5.22	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1.11	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.2.10	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.0.45	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2.4.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2(5.50)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7(1.13)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(5.1)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(7.15)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.8)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	(asa)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6(1.14)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.7	Trust: 0.8

sources: JVNDB: JVNDB-2014-004668 // CNNVD: CNNVD-201410-217 // NVD: CVE-2014-3394

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3394
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-3394
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201410-217
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-71334
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2014-3394
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-3394
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-71334
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-71334 // VULMON: CVE-2014-3394 // JVNDB: JVNDB-2014-004668 // CNNVD: CNNVD-201410-217 // NVD: CVE-2014-3394

PROBLEMTYPE DATA

problemtype:	CWE-295	Trust: 1.1
problemtype:	CWE-16	Trust: 0.9

sources: VULHUB: VHN-71334 // JVNDB: JVNDB-2014-004668 // NVD: CVE-2014-3394

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-217

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201410-217

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004668

PATCH

title:	cisco-sa-20141008-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Trust: 0.8
title:	35918	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=35918	Trust: 0.8
title:	cisco-sa-20141008-asa	url:	http://www.cisco.com/cisco/web/support/JP/112/1126/1126286_cisco-sa-20141008-asa-j.html	Trust: 0.8
title:	Cisco ASA Software Fixes for configuration error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=193403	Trust: 0.6
title:	Cisco: Cisco ASA Smart Call Home Digital Certificate Validation Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=Cisco-SA-20141008-CVE-2014-3394	Trust: 0.1
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2014-3394	Trust: 0.1

sources: VULMON: CVE-2014-3394 // JVNDB: JVNDB-2014-004668 // CNNVD: CNNVD-201410-217

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3394	Trust: 2.9
db:	JVNDB	id:	JVNDB-2014-004668	Trust: 0.8
db:	CNNVD	id:	CNNVD-201410-217	Trust: 0.7
db:	BID	id:	70299	Trust: 0.5
db:	VULHUB	id:	VHN-71334	Trust: 0.1
db:	VULMON	id:	CVE-2014-3394	Trust: 0.1

sources: VULHUB: VHN-71334 // VULMON: CVE-2014-3394 // BID: 70299 // JVNDB: JVNDB-2014-004668 // CNNVD: CNNVD-201410-217 // NVD: CVE-2014-3394

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141008-asa	Trust: 1.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3394	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3394	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/295.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2014-3394	Trust: 0.1
url:	https://www.securityfocus.com/bid/70299	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141008-cve-2014-3394	Trust: 0.1

sources: VULHUB: VHN-71334 // VULMON: CVE-2014-3394 // BID: 70299 // JVNDB: JVNDB-2014-004668 // CNNVD: CNNVD-201410-217 // NVD: CVE-2014-3394

CREDITS

Cisco

Trust: 0.3

sources: BID: 70299

SOURCES

db:	VULHUB	id:	VHN-71334
db:	VULMON	id:	CVE-2014-3394
db:	BID	id:	70299
db:	JVNDB	id:	JVNDB-2014-004668
db:	CNNVD	id:	CNNVD-201410-217
db:	NVD	id:	CVE-2014-3394

LAST UPDATE DATE

2024-11-23T22:18:34.267000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-71334	date:	2023-01-24T00:00:00
db:	VULMON	id:	CVE-2014-3394	date:	2023-01-24T00:00:00
db:	BID	id:	70299	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004668	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-217	date:	2022-05-19T00:00:00
db:	NVD	id:	CVE-2014-3394	date:	2024-11-21T02:08:00.277

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-71334	date:	2014-10-10T00:00:00
db:	VULMON	id:	CVE-2014-3394	date:	2014-10-10T00:00:00
db:	BID	id:	70299	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004668	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-217	date:	2014-10-14T00:00:00
db:	NVD	id:	CVE-2014-3394	date:	2014-10-10T10:55:06.680