{"api_version":"1","generated_at":"2026-05-13T17:39:14+00:00","cve":"CVE-2014-3274","urls":{"html":"https://cve.report/CVE-2014-3274","api":"https://cve.report/api/cve/CVE-2014-3274.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2014-3274","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2014-3274"},"summary":{"title":"CVE-2014-3274","description":"Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.","state":"PUBLISHED","assigner":"cisco","published_at":"2014-05-26 00:25:31","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-310","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"}}],"references":[{"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327","name":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Alert Details - Security Center - Cisco Systems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1030272","name":"http://www.securitytracker.com/id/1030272","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Cisco TelePresence Does Not Always Encrypt Directory Information Transfers - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274","name":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"Cisco Security Notice: Cisco TelePresence System Directory Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2014-3274","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3274","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.0\\(259\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.1\\(43\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.2\\(42\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.10.3\\(41\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.2.3\\(1101\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.3.2\\(1393\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.4.7\\(2229\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.10\\(3648\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.11\\(3659\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.12\\(3701\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.13\\(3717\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.1\\(2082\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.5.3\\(2115\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.0\\(3954\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.2\\(4023\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.3\\(4042\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.4\\(4072\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.5\\(4097\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.6\\(4109\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.7\\(4212\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.6.8\\(4222\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.0.1\\(4764\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.0.2\\(4719\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.1\\(4864\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.2.1\\(2\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.2\\(4937\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.4\\(270\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.5\\(42\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.7.6\\(4\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.0\\(55\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.1\\(34\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.2\\(11\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.3\\(4\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.4\\(13\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.8.5\\(4\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.0.1\\(3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.0\\(46\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.1\\(68\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.2\\(19\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.3\\(44\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.4\\(19\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.5\\(7\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.6.1\\(3\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"1.9.6\\(2\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"4.0.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"6.0.0.1\\(4\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"6.0.1\\(50\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"6.0.2\\(28\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"6.0.3\\(33\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"6.0.4\\(11\\)","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3274","vulnerable":"1","versionEndIncluding":"6.0.5\\(5\\)","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"telepresence_system_software","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T10:35:57.154Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327"},{"name":"20140521 Cisco TelePresence System Directory Information Disclosure Vulnerability","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274"},{"name":"1030272","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1030272"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-05-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2014-06-09T12:57:01.000Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327"},{"name":"20140521 Cisco TelePresence System Directory Information Disclosure Vulnerability","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274"},{"name":"1030272","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1030272"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2014-3274","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327","refsource":"CONFIRM","url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34327"},{"name":"20140521 Cisco TelePresence System Directory Information Disclosure Vulnerability","refsource":"CISCO","url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3274"},{"name":"1030272","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1030272"}]}}}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2014-3274","datePublished":"2014-05-23T22:00:00.000Z","dateReserved":"2014-05-07T00:00:00.000Z","dateUpdated":"2024-08-06T10:35:57.154Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2014-05-26 00:25:31","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-310","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:*","versionEndIncluding":"6.0.5\\(5\\)","matchCriteriaId":"89820E2D-120B-4E92-95FE-7D4072C915F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.2.3\\(1101\\):*:*:*:*:*:*:*","matchCriteriaId":"12193063-0545-402F-87E6-61023184F5EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.3.2\\(1393\\):*:*:*:*:*:*:*","matchCriteriaId":"90D72D8E-0826-4716-A2EE-B934150EC5F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.4.7\\(2229\\):*:*:*:*:*:*:*","matchCriteriaId":"494F0584-197E-4892-BD58-B574DBD090FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.1\\(2082\\):*:*:*:*:*:*:*","matchCriteriaId":"DEAF862B-43D6-42A2-B710-ED803906F251"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.3\\(2115\\):*:*:*:*:*:*:*","matchCriteriaId":"9FA3E247-E67F-4237-AF71-FEB0528EC35F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.10\\(3648\\):*:*:*:*:*:*:*","matchCriteriaId":"C68D879E-4522-4069-84B7-ED7C511B9D05"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.11\\(3659\\):*:*:*:*:*:*:*","matchCriteriaId":"3C97CD7F-1ED4-4F44-BC53-5CC3871915B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.12\\(3701\\):*:*:*:*:*:*:*","matchCriteriaId":"45A3BE96-E4F8-4362-A18E-0EBCF4D65490"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.5.13\\(3717\\):*:*:*:*:*:*:*","matchCriteriaId":"679CFA7C-60D4-4369-905F-B52DCD321603"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.0\\(3954\\):*:*:*:*:*:*:*","matchCriteriaId":"90C4668B-CB7C-44EB-B352-DED7C252EAD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.2\\(4023\\):*:*:*:*:*:*:*","matchCriteriaId":"6BDB4EBF-C8A1-4CE6-B377-C09983BF3A21"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.3\\(4042\\):*:*:*:*:*:*:*","matchCriteriaId":"43DAFA6C-2A25-499D-B11B-801F9031F2A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.4\\(4072\\):*:*:*:*:*:*:*","matchCriteriaId":"456BF22C-3010-451F-853F-C46E94E954D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.5\\(4097\\):*:*:*:*:*:*:*","matchCriteriaId":"B4A64D44-EC08-4601-93AC-6C02A4412D8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.6\\(4109\\):*:*:*:*:*:*:*","matchCriteriaId":"090FA16C-ABF2-4464-8219-D7A8917A7ECC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.7\\(4212\\):*:*:*:*:*:*:*","matchCriteriaId":"774A9C95-8111-425B-A411-26F614384135"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.6.8\\(4222\\):*:*:*:*:*:*:*","matchCriteriaId":"E6D1A003-6593-4934-8518-CC40F3F8ACE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.0.1\\(4764\\):*:*:*:*:*:*:*","matchCriteriaId":"2B98FCCA-923C-4501-9B06-70CB3731F49A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.0.2\\(4719\\):*:*:*:*:*:*:*","matchCriteriaId":"29E0E9FC-EF3F-470A-93A4-CC9C7A71F6EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.1\\(4864\\):*:*:*:*:*:*:*","matchCriteriaId":"1AE77C52-E526-4B48-8EFA-5F5C59956308"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.2\\(4937\\):*:*:*:*:*:*:*","matchCriteriaId":"BF620174-5C3E-43AF-8AEB-B9DD87F8C451"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.2.1\\(2\\):*:*:*:*:*:*:*","matchCriteriaId":"315EDAEC-3C60-445A-9613-23D38E8C2873"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.4\\(270\\):*:*:*:*:*:*:*","matchCriteriaId":"551E171E-973F-47A5-8A7F-70062E76E9CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.5\\(42\\):*:*:*:*:*:*:*","matchCriteriaId":"43DB9A3E-F495-4D22-874F-DDFB73C07534"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.7.6\\(4\\):*:*:*:*:*:*:*","matchCriteriaId":"2177AF2B-BF5C-431C-8899-88ECC4E91BC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.0\\(55\\):*:*:*:*:*:*:*","matchCriteriaId":"F2DBBADC-6367-4F75-9F58-E42A05AC992C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.1\\(34\\):*:*:*:*:*:*:*","matchCriteriaId":"CFEAB6C5-3B65-42D0-B597-0322D9F57C82"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.2\\(11\\):*:*:*:*:*:*:*","matchCriteriaId":"FD609D6C-0DA9-4D5F-B2F0-88BCAFCB7959"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.3\\(4\\):*:*:*:*:*:*:*","matchCriteriaId":"62CBB917-651A-4EB8-842D-0BEA708A1BFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.4\\(13\\):*:*:*:*:*:*:*","matchCriteriaId":"8BBAAC16-A2BE-4D8D-8DEA-9FD4BDA7E17B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.8.5\\(4\\):*:*:*:*:*:*:*","matchCriteriaId":"8819E5D6-F369-4BD2-A816-94F7A919C4B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.0\\(46\\):*:*:*:*:*:*:*","matchCriteriaId":"34508470-64C3-4A99-BBB0-169AFA3BE50B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.0.1\\(3\\):*:*:*:*:*:*:*","matchCriteriaId":"09D6BB57-FB29-4DBD-9974-7DE67695A416"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.1\\(68\\):*:*:*:*:*:*:*","matchCriteriaId":"E6570B01-07EB-425B-91E7-70517889A462"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.2:*:*:*:*:*:*:*","matchCriteriaId":"3BE52CFC-2DE3-4780-9471-BA2390070C78"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.2\\(19\\):*:*:*:*:*:*:*","matchCriteriaId":"68710E69-4FD8-4FED-9D7B-CE7317982E2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.3:*:*:*:*:*:*:*","matchCriteriaId":"68884D7C-6F29-4435-8904-C684959C9D4D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.3\\(44\\):*:*:*:*:*:*:*","matchCriteriaId":"00737930-5F3C-4274-9633-00B3837ED6BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.4:*:*:*:*:*:*:*","matchCriteriaId":"52DDA787-1F51-415A-BF59-B9EAAE69EA2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.4\\(19\\):*:*:*:*:*:*:*","matchCriteriaId":"995E5365-B6C3-4A4A-9F14-EADD27C8B9B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.5:*:*:*:*:*:*:*","matchCriteriaId":"BABEE2DD-7C86-4BD0-9928-DC370D3F786B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.5\\(7\\):*:*:*:*:*:*:*","matchCriteriaId":"20831FBF-99C9-4B02-A577-6D28CC2983DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.6:*:*:*:*:*:*:*","matchCriteriaId":"79C69EA5-F5D2-4DC7-BE08-F0CBA967A249"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.6\\(2\\):*:*:*:*:*:*:*","matchCriteriaId":"34600183-7CCF-4424-8887-8EC9ADD1B09E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.9.6.1\\(3\\):*:*:*:*:*:*:*","matchCriteriaId":"53734B19-352E-40F4-9A7C-E1A545B511FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.0:*:*:*:*:*:*:*","matchCriteriaId":"F4E70952-7132-4F2B-932F-56FAD2A89A96"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.0\\(259\\):*:*:*:*:*:*:*","matchCriteriaId":"0B3E2221-6FA5-4ABB-9102-414430E4865B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.1:*:*:*:*:*:*:*","matchCriteriaId":"F861192D-6138-49D2-BF8A-2D10B863253A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.1\\(43\\):*:*:*:*:*:*:*","matchCriteriaId":"5E6F9075-05E8-4B02-94C3-6AC2D36F5979"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.2\\(42\\):*:*:*:*:*:*:*","matchCriteriaId":"93666603-82A3-4E19-9BD1-4B0F39390992"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:1.10.3\\(41\\):*:*:*:*:*:*:*","matchCriteriaId":"9ED6E73D-7510-44DB-ADDB-9F757F90232E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"4BF71FA2-B8FC-4AE7-A0FD-8A4FAA0FE510"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:6.0.0.1\\(4\\):*:*:*:*:*:*:*","matchCriteriaId":"8C315F74-11D0-42EF-84F7-A9747A8C03E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:6.0.1\\(50\\):*:*:*:*:*:*:*","matchCriteriaId":"18516CB9-5EE8-4CC3-ACC3-6A0DF29D1D4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:6.0.2\\(28\\):*:*:*:*:*:*:*","matchCriteriaId":"A03B63BB-9DE1-41F9-A993-8295C368F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:6.0.3\\(33\\):*:*:*:*:*:*:*","matchCriteriaId":"E32AA0A3-88AD-40D9-BF87-0DB0C1C7DADB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:telepresence_system_software:6.0.4\\(11\\):*:*:*:*:*:*:*","matchCriteriaId":"45697A1C-B866-4BFE-8311-C82DDCE0A5C1"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2014","CveId":"3274","Ordinal":"1","Title":"CVE-2014-3274","CVE":"CVE-2014-3274","Year":"2014"},"notes":[{"CveYear":"2014","CveId":"3274","Ordinal":"1","NoteData":"Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.","Type":"Description","Title":"CVE-2014-3274"},{"CveYear":"2014","CveId":"3274","Ordinal":"2","NoteData":"2014-05-23","Type":"Other","Title":"Published"},{"CveYear":"2014","CveId":"3274","Ordinal":"3","NoteData":"2014-06-09","Type":"Other","Title":"Modified"}]}}}