CVE-2014-0694 | Vulnerability Database | Aqua Security

Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC installation by leveraging knowledge of this key, aka Bug IDs CSCui34764, CSCui34772, CSCui34776, CSCui34798, CSCui34800, CSCui34805, CSCui34809, CSCui34810, CSCui34813, CSCui34814, and CSCui34818.

Affected Software

Name	Vendor	Start Version	End Version
Cloud_portal	Cisco	*	9.4.1 (including)
Cloud_portal	Cisco	9.1-sp1 (including)	9.1-sp1 (including)
Cloud_portal	Cisco	9.1-sp2 (including)	9.1-sp2 (including)
Cloud_portal	Cisco	9.1-sp3 (including)	9.1-sp3 (including)
Cloud_portal	Cisco	9.3 (including)	9.3 (including)
Cloud_portal	Cisco	9.3.1 (including)	9.3.1 (including)
Cloud_portal	Cisco	9.3.2 (including)	9.3.2 (including)
Cloud_portal	Cisco	9.4 (including)	9.4 (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0694
http://tools.cisco.com/security/center/viewAlert.x?alertId=33336
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0694
http://tools.cisco.com/security/center/viewAlert.x?alertId=33336

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-0694
CWE	https://cwe.mitre.org/data/definitions/255.html