CVE-2014-7997

Published Nov 15, 2014

Last updated 7 years ago

CVSS info 6.1

Overview

Description: The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cause a denial of service (device restart) by triggering a transition into a recovery state that was intended to involve a network-interface restart but actually involves a full device restart, aka Bug ID CSCtn16281.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.1
Impact score: 6.9
Exploitability score: 6.5
Vector string: AV:A/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6230A85-30D2-4934-A8A0-11499B7B09F8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1040:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7361553C-439A-4EFC-B47C-5D099132A9BD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1140:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "42E54595-DEA2-4CDA-B218-89B034EB129F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_1260:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "900C8376-9891-4CAF-8873-1CE78CFEB050"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D385DFB0-FE3D-4217-B17A-1AB4A34363AA"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "86AFB6B7-F5A5-4F87-A149-53FC82D5D863"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3600e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "35E201F1-02D0-4023-9A50-3D8F1A9EC357"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3600i:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "65CBE08A-4F2B-452D-B3B3-034DE13E86CF"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_3600p:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CE92197-190B-466A-B7A7-268051DA4395"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_600_office_extend:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "903A79E0-184A-4CFB-96FA-A3E0474503FD"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1100:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6D954F30-8AD0-41E9-8D62-BEFEBDCB3B6D"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1130ag:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D56D069-0E19-4E60-A30A-23C27964B674"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1131:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA740581-ED86-4822-9516-BCCA4C267561"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2E8B5553-7295-4786-9F81-B4527EAD4F0B"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1230ag:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "01A48851-D4D5-4ABC-A44A-F82A97882C45"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1240:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6AAA8DE4-4E1D-4286-846D-0381BF68632F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1240ag:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "17BBE092-4156-45E8-A7ED-55C2765580CC"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1300:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F02967F7-FC29-460E-A07E-99397E55A63F"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap1400:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D84F4CEF-F599-48EE-A5FA-252880332A84"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap340:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9DBDCD08-D3E9-4E72-BC5E-A9A9453D32A8"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap340:11.21:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E8F1355-5A18-4692-B54C-083291E751E3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap350:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7AF8AA1B-17C3-49E3-BA0F-17FFCE2AAE03"
          },
          {
            "criteria": "cpe:2.3:h:cisco:aironet_ap350:11.21:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97943532-2C6A-4867-BD40-1B848BD2009A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References