Details of VAR-201609-0590

ID

VAR-201609-0590

CVE

CVE-2014-2146

TITLE

Cisco IOS and IOS XE Vulnerability in the zone-based firewall function that prevents access to resources

Trust: 0.8

sources: JVNDB: JVNDB-2014-008181

DESCRIPTION

The Zone-Based Firewall (ZBFW) functionality in Cisco IOS, possibly 15.4 and earlier, and IOS XE, possibly 3.13 and earlier, mishandles zone checking for existing sessions, which allows remote attackers to bypass intended resource-access restrictions via spoofed traffic that matches one of these sessions, aka Bug IDs CSCun94946 and CSCun96847. Vendors have confirmed this vulnerability Bug ID CSCun94946 ,and CSCun96847 It is released as.A third party may be able to circumvent restricted access to resources through forged traffic that matches the session. Both Cisco IOS and IOSXESoftware are operating systems developed by Cisco for its network devices. Zone-BasedFirewall (ZBFW) is one of the policy firewall components. The ZBFW feature in Cisco IOS and IOSXESoftware has a security bypass vulnerability that stems from a program failing to properly check the current session's data flow. This vulnerability can be exploited by remote attackers to inject and pass fake data streams, bypassing security restrictions and gaining unauthorized access to resources. This may aid in further attacks. This issue is tracked by Cisco Bug IDs CSCun94946 and CSCun96847

Trust: 2.52

sources: NVD: CVE-2014-2146 // JVNDB: JVNDB-2014-008181 // CNVD: CNVD-2016-08194 // BID: 93126 // VULHUB: VHN-70085

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-08194

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	lte	version:	15.4\(1\)t1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lte	version:	15.4\(3\)s	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	15.4	Trust: 0.8
vendor:	cisco	model:	ios xe	scope:	lte	version:	3.13	Trust: 0.8
vendor:	cisco	model:	ios	scope:	lte	version:	<=15.4	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	lte	version:	<=3.13	Trust: 0.6
vendor:	cisco	model:	ios xe	scope:	eq	version:	15.4\(3\)s	Trust: 0.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4\(1\)t1	Trust: 0.6
vendor:	cisco	model:	ios xe software	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios software	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-08194 // BID: 93126 // JVNDB: JVNDB-2014-008181 // CNNVD: CNNVD-201609-558 // NVD: CVE-2014-2146

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-2146
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2014-2146
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2016-08194
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201609-558
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-70085
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2014-2146
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-08194
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-70085
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2014-2146
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-08194 // VULHUB: VHN-70085 // JVNDB: JVNDB-2014-008181 // CNNVD: CNNVD-201609-558 // NVD: CVE-2014-2146

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-70085 // JVNDB: JVNDB-2014-008181 // NVD: CVE-2014-2146

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201609-558

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201609-558

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-008181

PATCH

title:	CSCun94946 - IOS : Vulnerability in Zone Based Firewall	url:	https://quickview.cloudapps.cisco.com/quickview/bug/CSCun94946	Trust: 0.8
title:	CSCun96847 - IOS-XE : Zone mismatch vulnerability in Zone Based Firewall	url:	https://quickview.cloudapps.cisco.com/quickview/bug/CSCun96847	Trust: 0.8
title:	39129	url:	https://tools.cisco.com/security/center/viewAlert.x?alertId=39129	Trust: 0.8
title:	Cisco IOS and IOSXESoftwareZBFW Functional Security Bypass Vulnerability Patch	url:	https://www.cnvd.org.cn/patchInfo/show/81788	Trust: 0.6
title:	Cisco IOS and IOS XE Software Repair measures for security bypass vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=64287	Trust: 0.6

sources: CNVD: CNVD-2016-08194 // JVNDB: JVNDB-2014-008181 // CNNVD: CNNVD-201609-558

EXTERNAL IDS

db:	NVD	id:	CVE-2014-2146	Trust: 3.4
db:	BID	id:	93126	Trust: 1.4
db:	JVNDB	id:	JVNDB-2014-008181	Trust: 0.8
db:	CNNVD	id:	CNNVD-201609-558	Trust: 0.7
db:	CNVD	id:	CNVD-2016-08194	Trust: 0.6
db:	VULHUB	id:	VHN-70085	Trust: 0.1

sources: CNVD: CNVD-2016-08194 // VULHUB: VHN-70085 // BID: 93126 // JVNDB: JVNDB-2014-008181 // CNNVD: CNNVD-201609-558 // NVD: CVE-2014-2146

REFERENCES

url:	https://tools.cisco.com/security/center/viewalert.x?alertid=39129	Trust: 2.0
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2146	Trust: 1.4
url:	http://www.securityfocus.com/bid/93126	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2146	Trust: 0.8
url:	http://www.cisco.com	Trust: 0.3

sources: CNVD: CNVD-2016-08194 // VULHUB: VHN-70085 // BID: 93126 // JVNDB: JVNDB-2014-008181 // CNNVD: CNNVD-201609-558 // NVD: CVE-2014-2146

CREDITS

Cisco

Trust: 0.3

sources: BID: 93126

SOURCES

db:	CNVD	id:	CNVD-2016-08194
db:	VULHUB	id:	VHN-70085
db:	BID	id:	93126
db:	JVNDB	id:	JVNDB-2014-008181
db:	CNNVD	id:	CNNVD-201609-558
db:	NVD	id:	CVE-2014-2146

LAST UPDATE DATE

2024-11-23T22:49:13.957000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-08194	date:	2016-09-27T00:00:00
db:	VULHUB	id:	VHN-70085	date:	2017-02-19T00:00:00
db:	BID	id:	93126	date:	2016-09-23T10:21:00
db:	JVNDB	id:	JVNDB-2014-008181	date:	2016-09-28T00:00:00
db:	CNNVD	id:	CNNVD-201609-558	date:	2016-09-23T00:00:00
db:	NVD	id:	CVE-2014-2146	date:	2024-11-21T02:05:44.440

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-08194	date:	2016-09-27T00:00:00
db:	VULHUB	id:	VHN-70085	date:	2016-09-22T00:00:00
db:	BID	id:	93126	date:	2015-05-29T00:00:00
db:	JVNDB	id:	JVNDB-2014-008181	date:	2016-09-28T00:00:00
db:	CNNVD	id:	CNNVD-201609-558	date:	2016-09-23T00:00:00
db:	NVD	id:	CVE-2014-2146	date:	2016-09-22T17:59:00.133