CVE-2014-3403

Name of the Vulnerable Software and Affected Versions Cisco IOS XE (affected versions not specified)

Description The issue is related to incomplete certificate validation in the Autonomic Networking Infrastructure (ANI) component, allowing remote attackers to masquerade as another device by sending crafted messages. This can be exploited by an unauthenticated, remote attacker. The vulnerability may require the attacker to have access to trusted, internal networks to send crafted messages to the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.