Lucene search

CiscoCVE-2014-0669

HistoryJan 22, 2014 - 5:22 a.m.

CVE-2014-0669

2014-01-2205:22:20

CWE-264

cisco

web.nvd.nist.gov

cve-2014-0669

wireless session protocol

wsp

gateway gprs support node

ggsn

cisco

asr 5000

bug id cscuh28371

security vulnerability

remote attackers

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.005

Percentile

75.9%

JSON

The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371.

Affected configurations

Nvd

Node

ciscoasr_5000_series_softwareMatch-

VendorProductVersionCPE
ciscoasr_5000_series_software-cpe:2.3:a:cisco:asr_5000_series_software:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_5000_series_software	-	cpe:2.3:a:cisco:asr_5000_series_software:-:::::::*

References

osvdb.org/102318

secunia.com/advisories/56546

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0669

tools.cisco.com/security/center/viewAlert.x?alertId=32513

www.securityfocus.com/bid/65052

www.securitytracker.com/id/1029666

exchange.xforce.ibmcloud.com/vulnerabilities/90614

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

Confidence

Low

EPSS

0.005

Percentile

75.9%

JSON

Related for CVE-2014-0669