CVE-2014-2537

Published Mar 18, 2014

Last updated 4 months ago

CVSS info 7.8

Overview

Description: Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B723C1C6-CBF1-45DB-AB69-C3385E7BD7E4",
            "versionEndIncluding": "9.108"
          },
          {
            "criteria": "cpe:2.3:a:sophos:unified_threat_management_software:8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCB0AEA3-97F9-4FCA-940C-7798AC38A748"
          },
          {
            "criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.007:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C80BE400-A887-4E12-9439-7939710234E1"
          },
          {
            "criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.107:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B77FD3BC-FA41-4F35-8B14-90D2BC1AD893"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9D7BF2E-1DEB-474A-8DEE-0A2D1A9B1A77"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE59783E-6A2D-4777-9BA2-8527DA6B32BA"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "646FEB9F-2F54-4946-9687-C2EC28144C97"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57654458-F143-4D70-9D52-0A242F3177A1"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6527EC0-536E-4BF0-9949-8FA4A4E64688"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21A9EA52-E9F1-4267-86BC-570ED1ECC7B1"
          },
          {
            "criteria": "cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "280976E2-D7A8-43B7-A57C-66920BC91DAB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References