Lucene search

[email protected]NVD:CVE-2014-3331

HistoryAug 20, 2014 - 11:17 a.m.

CVE-2014-3331

2014-08-2011:17:14

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.

Affected configurations

Nvd

Node

ciscoasr_5000_series_softwareMatch11.0

ciscoasr_5000_series_softwareMatch12.0

ciscoasr_5000_series_softwareMatch12.1

ciscoasr_5000_series_softwareMatch12.2

ciscoasr_5000_series_softwareMatch14.0

ciscoasr_5000_series_softwareMatch15.0

ciscoasr_5000_series_softwareMatch16.1.0

ciscoasr_5000_series_softwareMatch16.1.1

ciscoasr_5000_series_softwareMatch16.1.2

ciscoasr_5000_series_softwareMatch17.0.0

VendorProductVersionCPE
ciscoasr_5000_series_software11.0cpe:2.3:a:cisco:asr_5000_series_software:11.0:*:*:*:*:*:*:*
ciscoasr_5000_series_software12.0cpe:2.3:a:cisco:asr_5000_series_software:12.0:*:*:*:*:*:*:*
ciscoasr_5000_series_software12.1cpe:2.3:a:cisco:asr_5000_series_software:12.1:*:*:*:*:*:*:*
ciscoasr_5000_series_software12.2cpe:2.3:a:cisco:asr_5000_series_software:12.2:*:*:*:*:*:*:*
ciscoasr_5000_series_software14.0cpe:2.3:a:cisco:asr_5000_series_software:14.0:*:*:*:*:*:*:*
ciscoasr_5000_series_software15.0cpe:2.3:a:cisco:asr_5000_series_software:15.0:*:*:*:*:*:*:*
ciscoasr_5000_series_software16.1.0cpe:2.3:a:cisco:asr_5000_series_software:16.1.0:*:*:*:*:*:*:*
ciscoasr_5000_series_software16.1.1cpe:2.3:a:cisco:asr_5000_series_software:16.1.1:*:*:*:*:*:*:*
ciscoasr_5000_series_software16.1.2cpe:2.3:a:cisco:asr_5000_series_software:16.1.2:*:*:*:*:*:*:*
ciscoasr_5000_series_software17.0.0cpe:2.3:a:cisco:asr_5000_series_software:17.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	asr_5000_series_software	11.0	cpe:2.3:a:cisco:asr_5000_series_software:11.0:::::::*
cisco	asr_5000_series_software	12.0	cpe:2.3:a:cisco:asr_5000_series_software:12.0:::::::*
cisco	asr_5000_series_software	12.1	cpe:2.3:a:cisco:asr_5000_series_software:12.1:::::::*
cisco	asr_5000_series_software	12.2	cpe:2.3:a:cisco:asr_5000_series_software:12.2:::::::*
cisco	asr_5000_series_software	14.0	cpe:2.3:a:cisco:asr_5000_series_software:14.0:::::::*
cisco	asr_5000_series_software	15.0	cpe:2.3:a:cisco:asr_5000_series_software:15.0:::::::*
cisco	asr_5000_series_software	16.1.0	cpe:2.3:a:cisco:asr_5000_series_software:16.1.0:::::::*
cisco	asr_5000_series_software	16.1.1	cpe:2.3:a:cisco:asr_5000_series_software:16.1.1:::::::*
cisco	asr_5000_series_software	16.1.2	cpe:2.3:a:cisco:asr_5000_series_software:16.1.2:::::::*
cisco	asr_5000_series_software	17.0.0	cpe:2.3:a:cisco:asr_5000_series_software:17.0.0:::::::*

References

secunia.com/advisories/60706

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3331

tools.cisco.com/security/center/viewAlert.x?alertId=35346

www.securityfocus.com/bid/69281

www.securitytracker.com/id/1030747

exchange.xforce.ibmcloud.com/vulnerabilities/95357

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.022

Percentile

89.5%

JSON

Related for NVD:CVE-2014-3331

cvelist1 cve1 cisco1 prion1