fkie_nvd - fkie_cve-2014-3384

fkie_cve-2014-3384

Vulnerability from fkie_nvd

Published

2014-10-10 10:55

Modified

2025-04-12 10:46

Severity ?

Summary

The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401.

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	asa	8.4
cisco	asa	8.4.1
cisco	asa	8.4.2
cisco	asa	8.4.3
cisco	asa	8.4.4
cisco	asa	8.6
cisco	asa	8.6.1
cisco	asa	9.0
cisco	asa	9.1
cisco	asa	9.1.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "44402EC4-8170-4CEA-9AC1-1F4C8B0D411D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D7DD30-2639-4F42-BD15-AB2A3A03E0B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D20B32-C543-424D-8276-ED0DE1DC55AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A9CD2B-BD9B-4728-9CD4-7CB5A082BA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98B331A-368F-4F68-81FA-BDE0260FEE9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "51525D78-0238-4379-A577-EAB6D278F0BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F759EAB4-B5CB-4BBE-83CB-DF31FD6CAA46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD97CD57-66F4-4A92-8897-A96D9E93116A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "790D2962-AE6A-4001-9793-A9B1C8916D3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ECE5855-A333-4B76-981B-82C378EF8B1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n IKEv2 en Cisco ASA Software 8.4 anterior a 8.4(7.15), 8.6 anterior a 8.6(1.14), 9.0 anterior a 9.0(4.8), y 9.1 anterior a 9.1(5.1) permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un paquete manipulado que se env\u00eda durante la creaci\u00f3n de t\u00faneles, tambi\u00e9n conocido como Bug ID CSCum96401."
    }
  ],
  "id": "CVE-2014-3384",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-10T10:55:06.243",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-3384 (GCVE-0-2014-3384)

Vulnerability from cvelistv5

Published

2014-10-10 10:00

Modified

2024-08-06 10:43

Severity ?

CWE

Summary

References

URL

Tags

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

vendor-advisory, x_refsource_CISCO