Certificate Validation Bypass in Cisco ASA Software
CVE-2014-3394 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The Smart Call Home (SCH) implementation in Cisco ASA Software 8.2 before 8.2(5.50), 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to bypass certificate validation via an arbitrary VeriSign certificate, aka Bug ID CSCun10916.
Learn more about our Cis Benchmark Audit For Cisco.