fkie_nvd - fkie_cve-2014-3386

fkie_cve-2014-3386

Vulnerability from fkie_nvd

Published

2014-10-10 10:55

Modified

2025-04-12 10:46

Severity ?

Summary

The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399.

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	asa	8.2.5
cisco	asa	8.2.5.13
cisco	asa	8.2.5.22
cisco	asa	8.2.5.26
cisco	asa	8.2.5.33
cisco	asa	8.2.5.41
cisco	asa	8.2.5.46
cisco	asa	8.2.5.48
cisco	asa	8.2.5.49
cisco	asa	8.4
cisco	asa	8.4.1
cisco	asa	8.4.2
cisco	asa	8.4.3
cisco	asa	8.4.4
cisco	asa	8.4.5
cisco	asa	8.4.6
cisco	asa	8.4.7
cisco	asa	8.7
cisco	asa	9.0
cisco	asa	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5820190E-9348-45DE-AC46-4893AF05FBAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "73795BCE-FBCC-4BE9-A819-2994B5C43832",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A60CD28-5196-4BFE-BE74-D891F2CBF35A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "E983562F-32B8-468D-B7DE-E1E122D171DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C04688-10F6-40B6-A5CF-E2724C1DD0E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1797614-AFA7-43CF-9F5C-59EEA6F5F064",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF2AC187-2437-472B-B390-F26966DAA0A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "8812147B-F627-4798-9911-BE520279A97B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.2.5.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB6415DD-A1B0-4785-BE9E-0B23432B3A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "44402EC4-8170-4CEA-9AC1-1F4C8B0D411D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "42D7DD30-2639-4F42-BD15-AB2A3A03E0B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9D20B32-C543-424D-8276-ED0DE1DC55AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A9CD2B-BD9B-4728-9CD4-7CB5A082BA61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E98B331A-368F-4F68-81FA-BDE0260FEE9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3B559FF-9C48-4F87-A792-FF391CA37BDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E24D3F15-3789-4EAB-87C7-3FA5EA676510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC873F47-93A7-4889-96F9-157F977968D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "72799BBB-B2BE-4F75-B5F1-91AB3517B405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD97CD57-66F4-4A92-8897-A96D9E93116A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:asa:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "790D2962-AE6A-4001-9793-A9B1C8916D3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8.4 before 8.4(7.15), 8.7 before 8.7(1.13), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted series of GTP packets, aka Bug ID CSCum56399."
    },
    {
      "lang": "es",
      "value": "El motor de inspecci\u00f3n GPRS Tunneling Protocol (GTP) en Cisco ASA Software 8.2 anterior a 8.2(5.51), 8.4 anterior a 8.4(7.15), 8.7 anterior a 8.7(1.13), 9.0 anterior a 9.0(4.8), y 9.1 anterior a 9.1(5.1) permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de una serie manipulada de paquetes GTP, tambi\u00e9n conocido como Bug ID CSCum56399."
    }
  ],
  "id": "CVE-2014-3386",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-10T10:55:06.337",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2014-3386 (GCVE-0-2014-3386)

Vulnerability from cvelistv5

Published

2014-10-10 10:00

Modified

2024-08-06 10:43

Severity ?

CWE

Summary

References

URL

Tags

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa

vendor-advisory, x_refsource_CISCO