ID CVE-2014-3347
Summary Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:ios:15.1\(4\)m2:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:15.1\(4\)m2:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1801_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1802_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1803_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1811_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1812_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1841_integrated_service_router:-:*:*:*:*:*:*:*
  • cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*
    cpe:2.3:h:cisco:1861_integrated_service_router:-:*:*:*:*:*:*:*
CVSS
Base: 5.4 (as of 29-08-2017 - 01:34)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:C
refmap via4
bid 69439
cisco 20140827 Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability
confirm http://tools.cisco.com/security/center/viewAlert.x?alertId=35453
sectrack 1030772
xf cisco-isr-cve20143347-dos(95558)
Last major update 29-08-2017 - 01:34
Published 28-08-2014 - 23:55
Last modified 29-08-2017 - 01:34
Back to Top