CVE-2014-3389

Published Oct 10, 2014

Last updated 10 years ago

Overview

Description: The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.6 before 8.6(1.15), 9.0 before 9.0(4.24), 9.1 before 9.1(5.12), 9.2 before 9.2(2.6), and 9.3 before 9.3(1.1) does not properly implement a tunnel filter, which allows remote authenticated users to obtain failover-unit access via crafted packets, aka Bug ID CSCuq28582.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:asa:7.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDD83CA1-23FC-4076-8879-2475858EA4DF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:7.2.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A7F4260-1D37-4694-BACE-C09F8B9B25FD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5820190E-9348-45DE-AC46-4893AF05FBAF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73795BCE-FBCC-4BE9-A819-2994B5C43832"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A60CD28-5196-4BFE-BE74-D891F2CBF35A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E983562F-32B8-468D-B7DE-E1E122D171DA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03C04688-10F6-40B6-A5CF-E2724C1DD0E4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.41:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1797614-AFA7-43CF-9F5C-59EEA6F5F064"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF2AC187-2437-472B-B390-F26966DAA0A8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8812147B-F627-4798-9911-BE520279A97B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.2.5.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB6415DD-A1B0-4785-BE9E-0B23432B3A44"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F6CBA34-0D66-4424-89F8-BD40930B7480"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.3.2.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6FB469C-8612-4FAF-9A00-ED2C54E1B30B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44402EC4-8170-4CEA-9AC1-1F4C8B0D411D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42D7DD30-2639-4F42-BD15-AB2A3A03E0B7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9D20B32-C543-424D-8276-ED0DE1DC55AC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06A9CD2B-BD9B-4728-9CD4-7CB5A082BA61"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E98B331A-368F-4F68-81FA-BDE0260FEE9B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3B559FF-9C48-4F87-A792-FF391CA37BDF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E24D3F15-3789-4EAB-87C7-3FA5EA676510"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC873F47-93A7-4889-96F9-157F977968D5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:8.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51525D78-0238-4379-A577-EAB6D278F0BC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD97CD57-66F4-4A92-8897-A96D9E93116A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "790D2962-AE6A-4001-9793-A9B1C8916D3F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FFDE95CB-13EC-4BFA-A8F0-E11CE80592C5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:asa:9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13FDF2FC-8D1E-4AEB-9B7E-276AE4AE4A81"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References