Vulnerability-Lookup

CVE-2014-2188 (GCVE-0-2014-2188)

Vulnerability from cvelistv5 – Published: 2015-02-27 02:00 – Updated: 2015-03-06 01:57

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0607. Reason: This candidate is a duplicate of CVE-2015-0607. The wrong ID was used. Notes: All CVE users should reference CVE-2015-0607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2015-03-06T01:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-2188",
    "datePublished": "2015-02-27T02:00:00",
    "dateRejected": "2015-03-06T01:57:01",
    "dateReserved": "2014-02-25T00:00:00",
    "dateUpdated": "2015-03-06T01:57:01",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.0",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage\"}]",
      "id": "CVE-2014-2188",
      "lastModified": "2023-11-07T02:19:30.650",
      "published": "2015-02-27T02:59:00.057",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Rejected"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2188\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2015-02-27T02:59:00.057\",\"lastModified\":\"2023-11-07T02:19:30.650\",\"vulnStatus\":\"Rejected\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage\"}],\"metrics\":{},\"references\":[]}}"
  }
}

GSD-2014-2188

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0607. Reason: This candidate is a duplicate of CVE-2015-0607. The wrong ID was used. Notes: All CVE users should reference CVE-2015-0607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Aliases

CVE-2014-2188

Aliases

CVE-2014-2188

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-2188",
    "description": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.",
    "id": "GSD-2014-2188"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-2188"
      ],
      "details": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.",
      "id": "GSD-2014-2188",
      "modified": "2023-12-13T01:22:46.256089Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2014-2188",
        "STATE": "REJECT"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage."
          }
        ]
      }
    }
  }
}

VAR-201502-0334

Vulnerability from variot - Updated: 2023-12-18 12:38

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-0607. Reason: This candidate is a duplicate of CVE-2015-0607. The wrong ID was used. Notes: All CVE users should reference CVE-2015-0607 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. ** Delete ** This case CVE-2015-0607 It was removed because it was found to be duplicated. CVE-2015-0607 Please refer to. Cisco IOS of Authentication Proxy The function is RADIUS and TACACS+ Invalid from server AAA There is a vulnerability that bypasses authentication due to improper handling of return codes. Vendors have confirmed this vulnerability Bug ID CSCuo09400 and CSCun16016 It is released as.A third party may be able to bypass authentication through connection attempts that trigger invalid code. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS Software is prone to an authentication-bypass vulnerability. This may lead to further attacks. This issue is tracked by Cisco Bug IDs CSCuo09400 and CSCun16016

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201502-0334",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ios",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios software",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "15.4\\(1\\)t1"
      },
      {
        "model": "ios software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "BID",
        "id": "72794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:cisco:ios",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "72794"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-2188",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2015-01407",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "CNVD",
            "id": "CNVD-2015-01407",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201502-458",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage. ** Delete ** This case CVE-2015-0607 It was removed because it was found to be duplicated. CVE-2015-0607 Please refer to. Cisco IOS of Authentication Proxy The function is RADIUS and TACACS+ Invalid from server AAA There is a vulnerability that bypasses authentication due to improper handling of return codes. Vendors have confirmed this vulnerability Bug ID CSCuo09400 and CSCun16016 It is released as.A third party may be able to bypass authentication through connection attempts that trigger invalid code. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Cisco IOS Software is prone to an authentication-bypass vulnerability. This may lead to further attacks. \nThis issue is tracked by Cisco Bug IDs CSCuo09400 and CSCun16016",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2188"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "BID",
        "id": "72794"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2188",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "72794",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127"
      },
      {
        "db": "BID",
        "id": "72794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2188"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "id": "VAR-201502-0334",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127"
      }
    ],
    "trust": 1.31611503
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:38:03.838000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Vulnerability in Authentication Proxy Feature in Cisco IOS Software",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2188"
      },
      {
        "title": "Cisco IOS Software Security Vulnerability Patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/55843"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2188"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2188"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2188"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/72794"
      },
      {
        "trust": 0.4,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127"
      },
      {
        "db": "BID",
        "id": "72794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70127"
      },
      {
        "db": "BID",
        "id": "72794"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2188"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "date": "2015-02-27T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70127"
      },
      {
        "date": "2015-02-26T00:00:00",
        "db": "BID",
        "id": "72794"
      },
      {
        "date": "2015-03-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "date": "2015-02-27T02:59:00.057000",
        "db": "NVD",
        "id": "CVE-2014-2188"
      },
      {
        "date": "2015-02-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-04T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-01407"
      },
      {
        "date": "2015-03-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70127"
      },
      {
        "date": "2015-02-26T00:00:00",
        "db": "BID",
        "id": "72794"
      },
      {
        "date": "2015-03-02T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      },
      {
        "date": "2023-11-07T02:19:30.650000",
        "db": "NVD",
        "id": "CVE-2014-2188"
      },
      {
        "date": "2015-03-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "** Delete  ** Cisco IOS of  Authentication Proxy Vulnerabilities that bypass authentication in functions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-007946"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201502-458"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2015-01407

Vulnerability from cnvd - Published: 2015-03-04

Title

Cisco IOS Software安全绕过漏洞

Description

Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 Cisco IOS Software存在安全绕过漏洞，攻击者可以利用此漏洞绕过认证机制、执行未经授权的操作。

Severity

中

Patch Name

Cisco IOS Software安全绕过漏洞的补丁

Patch Description

Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。 Cisco IOS Software存在安全绕过漏洞，攻击者可以利用此漏洞绕过认证机制、执行未经授权的操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可以联系供应商获得补丁信息： http://www.cisco.com/

Reference

http://www.securityfocus.com/bid/72794

Impacted products

Name
Cisco IOS Software

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "72794"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-2188"
    }
  },
  "description": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nCisco IOS Software\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u8ba4\u8bc1\u673a\u5236\u3001\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u7528\u6237\u53ef\u4ee5\u8054\u7cfb\u4f9b\u5e94\u5546\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.cisco.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-01407",
  "openTime": "2015-03-04",
  "patchDescription": "Cisco IOS\u662f\u591a\u6570\u601d\u79d1\u7cfb\u7edf\u8def\u7531\u5668\u548c\u7f51\u7edc\u4ea4\u6362\u673a\u4e0a\u4f7f\u7528\u7684\u4e92\u8054\u7f51\u7edc\u64cd\u4f5c\u7cfb\u7edf\u3002 \r\n\r\nCisco IOS Software\u5b58\u5728\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u8ba4\u8bc1\u673a\u5236\u3001\u6267\u884c\u672a\u7ecf\u6388\u6743\u7684\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco IOS Software\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco IOS Software"
  },
  "referenceLink": "http://www.securityfocus.com/bid/72794",
  "serverity": "\u4e2d",
  "submitTime": "2015-02-28",
  "title": "Cisco IOS Software\u5b89\u5168\u7ed5\u8fc7\u6f0f\u6d1e"
}

FKIE_CVE-2014-2188

Vulnerability from fkie_nvd - Published: 2015-02-27 02:59 - Updated: 2023-11-07 02:19

Severity ?

Summary

References

	URL	Tags

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2015-0607.  Reason: This candidate is a duplicate of CVE-2015-0607.  The wrong ID was used.  Notes: All CVE users should reference CVE-2015-0607 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage"
    }
  ],
  "id": "CVE-2014-2188",
  "lastModified": "2023-11-07T02:19:30.650",
  "metrics": {},
  "published": "2015-02-27T02:59:00.057",
  "references": [],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Rejected"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-2188 (GCVE-0-2014-2188)

GSD-2014-2188

VAR-201502-0334

CNVD-2015-01407

FKIE_CVE-2014-2188

Tags

Sightings

Nomenclature