Sign-up

ID

VAR-201403-0467


CVE

CVE-2014-2121


TITLE

Cisco Hosted Collaboration Solution of Java Service disruption in base software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-001742

DESCRIPTION

The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (closing of TCP ports) via unspecified vectors, aka Bug IDs CSCug77633, CSCug77667, CSCug78266, CSCug82795, and CSCuh58643. Vendors have confirmed this vulnerability Bug ID CSCug77633 , CSCug77667 , CSCug78266 , CSCug82795 and CSCuh58643 It is released as.Service disruption by a third party (TCP Port closure ) There is a possibility of being put into a state. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. This issue is being tracked by Cisco Bug ID's CSCug77633, CSCug77667, CSCug78266, CSCug82795 and CSCuh58643. The solution includes products such as Cisco TelePresence, Customer Collaboration (Contact Center) and Unified Communications to support customers to use collaboration technology in public cloud, private cloud and hybrid cloud models. A denial of service vulnerability exists in the Java-based software of Cisco HCS. A remote attacker can exploit this vulnerability to close the TCP port

Trust: 1.98

sources: NVD: CVE-2014-2121 // JVNDB: JVNDB-2014-001742 // BID: 66283 // VULHUB: VHN-70060

AFFECTED PRODUCTS

vendor:ciscomodel:hosted collaboration solutionscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:hosted collaboration solutionscope:eqversion:9.0(1)

Trust: 0.8

vendor:ciscomodel:hosted collaboration solutionscope:eqversion:0

Trust: 0.3

sources: BID: 66283 // JVNDB: JVNDB-2014-001742 // CNNVD: CNNVD-201403-349 // NVD: CVE-2014-2121

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2121
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-2121
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201403-349
value: MEDIUM

Trust: 0.6

VULHUB: VHN-70060
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-2121
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-70060
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-70060 // JVNDB: JVNDB-2014-001742 // CNNVD: CNNVD-201403-349 // NVD: CVE-2014-2121

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-70060 // JVNDB: JVNDB-2014-001742 // NVD: CVE-2014-2121

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-349

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201403-349

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001742

PATCH
title:Cisco Hosted Collaboration Solution Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2121
Trust: 0.8
title:33404url:http://tools.cisco.com/security/center/viewAlert.x?alertId=33404
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-001742

EXTERNAL IDS
db:NVDid:CVE-2014-2121
Trust: 2.8
db:BIDid:66283
Trust: 1.4
db:SECTRACKid:1029933
Trust: 1.1
db:JVNDBid:JVNDB-2014-001742
Trust: 0.8
db:CNNVDid:CNNVD-201403-349
Trust: 0.7
db:CISCOid:20140318 CISCO HOSTED COLLABORATION SOLUTION DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-70060
Trust: 0.1
sources:
            
            
            VULHUB: VHN-70060 // 
            
            
            
            BID: 66283 // 
            
            
            
            JVNDB: JVNDB-2014-001742 // 
            
            
            
            CNNVD: CNNVD-201403-349 // 
            
            
            
            NVD: CVE-2014-2121

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2121
Trust: 2.0
url:http://www.securityfocus.com/bid/66283
Trust: 1.1
url:http://www.securitytracker.com/id/1029933
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2121
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2121
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-70060 // 
            
            
            
            BID: 66283 // 
            
            
            
            JVNDB: JVNDB-2014-001742 // 
            
            
            
            CNNVD: CNNVD-201403-349 // 
            
            
            
            NVD: CVE-2014-2121

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 66283

SOURCES
db:VULHUBid:VHN-70060
db:BIDid:66283
db:JVNDBid:JVNDB-2014-001742
db:CNNVDid:CNNVD-201403-349
db:NVDid:CVE-2014-2121

LAST UPDATE DATE
2024-11-23T22:23:06.891000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-70060date:2016-09-07T00:00:00
db:BIDid:66283date:2014-03-18T00:00:00
db:JVNDBid:JVNDB-2014-001742date:2014-03-20T00:00:00
db:CNNVDid:CNNVD-201403-349date:2014-03-21T00:00:00
db:NVDid:CVE-2014-2121date:2024-11-21T02:05:41.687

SOURCES RELEASE DATE
db:VULHUBid:VHN-70060date:2014-03-19T00:00:00
db:BIDid:66283date:2014-03-18T00:00:00
db:JVNDBid:JVNDB-2014-001742date:2014-03-20T00:00:00
db:CNNVDid:CNNVD-201403-349date:2014-03-20T00:00:00
db:NVDid:CVE-2014-2121date:2014-03-19T01:15:04.037