ID
VAR-201408-0168
CVE
CVE-2014-3347
TITLE
Cisco 1800 ISR Run on device Cisco IOS Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897. Cisco 1800 Series are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the device unresponsive, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCul77897. Cisco IOS on Cisco 1800 ISR is a set of operating systems run by Cisco 1800 ISR series routers
Trust: 1.98
AFFECTED PRODUCTS
| vendor: | cisco | model: | ios | scope: | eq | version: | 15.1\(4\)m2 | Trust: 1.6 |
| vendor: | cisco | model: | 1801 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1812 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1841 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1861 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1802 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1803 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1811 integrated service router | scope: | eq | version: | - | Trust: 1.0 |
| vendor: | cisco | model: | 1801 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1802 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1803 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1811 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1812 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1841 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | 1861 integrated service router | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | ios | scope: | lte | version: | 15.1(4)m2 | Trust: 0.8 |
| vendor: | cisco | model: | ios 15.1m | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.1 m4 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.1 m3a | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.1 m3 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | ios 15.1 m2 | scope: | - | version: | - | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-399 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
resource management error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3347 | Trust: 0.8 |
| title: | 35453 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=35453 | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-3347 | Trust: 2.8 |
| db: | BID | id: | 69439 | Trust: 1.4 |
| db: | SECTRACK | id: | 1030772 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2014-003988 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201408-438 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-71287 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3347 | Trust: 1.7 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=35453 | Trust: 1.7 |
| url: | http://www.securityfocus.com/bid/69439 | Trust: 1.1 |
| url: | http://www.securitytracker.com/id/1030772 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/95558 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3347 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3347 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | VULHUB | id: | VHN-71287 |
| db: | BID | id: | 69439 |
| db: | JVNDB | id: | JVNDB-2014-003988 |
| db: | CNNVD | id: | CNNVD-201408-438 |
| db: | NVD | id: | CVE-2014-3347 |
LAST UPDATE DATE
2024-11-23T22:02:03.673000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-71287 | date: | 2017-08-29T00:00:00 |
| db: | BID | id: | 69439 | date: | 2014-09-01T00:13:00 |
| db: | JVNDB | id: | JVNDB-2014-003988 | date: | 2014-09-01T00:00:00 |
| db: | CNNVD | id: | CNNVD-201408-438 | date: | 2014-08-29T00:00:00 |
| db: | NVD | id: | CVE-2014-3347 | date: | 2024-11-21T02:07:54.767 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-71287 | date: | 2014-08-28T00:00:00 |
| db: | BID | id: | 69439 | date: | 2014-08-27T00:00:00 |
| db: | JVNDB | id: | JVNDB-2014-003988 | date: | 2014-09-01T00:00:00 |
| db: | CNNVD | id: | CNNVD-201408-438 | date: | 2014-08-29T00:00:00 |
| db: | NVD | id: | CVE-2014-3347 | date: | 2014-08-28T23:55:05.513 |