CVE-2014-3384

Published Oct 10, 2014

Last updated 3 months ago

CVSS info 7.8

Overview

Description: The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44402EC4-8170-4CEA-9AC1-1F4C8B0D411D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42D7DD30-2639-4F42-BD15-AB2A3A03E0B7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9D20B32-C543-424D-8276-ED0DE1DC55AC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06A9CD2B-BD9B-4728-9CD4-7CB5A082BA61"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E98B331A-368F-4F68-81FA-BDE0260FEE9B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51525D78-0238-4379-A577-EAB6D278F0BC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F759EAB4-B5CB-4BBE-83CB-DF31FD6CAA46"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD97CD57-66F4-4A92-8897-A96D9E93116A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790D2962-AE6A-4001-9793-A9B1C8916D3F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1ECE5855-A333-4B76-981B-82C378EF8B1E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References