VAR-201402-0383
Vulnerability from variot - Updated: 2023-12-18 12:21Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. Vendors have confirmed this vulnerability Bug ID CSCum52355 and CSCul49309 It is released as.Malformed by a third party SNMP Service disruption via packets (MainApp Stop process ) There is a possibility of being put into a state. Attackers can exploit this issue to cause the MainApp process to become unresponsive, which leads to denial-of-service conditions. This issue is being tracked by Cisco Bug ID CSCum52355 and CSCul49309. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0383",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(3\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(2\\)e3"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(1\\)e3"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(6\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(7\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(8\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(5a\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(2\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "7.0\\(4\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "6.0.2.0"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0\\(9\\)e4"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "intrusion prevention system",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system software",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(2\\)e3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(8\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:6.0.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(1\\)e3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(7\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(9\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(2\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(3\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(4\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(5a\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:7.0\\(6\\)e4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:intrusion_prevention_system:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2103"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "65864"
}
],
"trust": 0.3
},
"cve": "CVE-2014-2103",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-2103",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-70042",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-2103",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-473",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-70042",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70042"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309. Vendors have confirmed this vulnerability Bug ID CSCum52355 and CSCul49309 It is released as.Malformed by a third party SNMP Service disruption via packets (MainApp Stop process ) There is a possibility of being put into a state. \nAttackers can exploit this issue to cause the MainApp process to become unresponsive, which leads to denial-of-service conditions. \nThis issue is being tracked by Cisco Bug ID CSCum52355 and CSCul49309. The system can immediately interrupt, adjust or isolate some abnormal or harmful network data transmission behaviors",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "BID",
"id": "65864"
},
{
"db": "VULHUB",
"id": "VHN-70042"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-2103",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20140227 CISCO IPS MAINAPP SNMP DENIAL OF SERVICE VULNERABILITY",
"trust": 0.6
},
{
"db": "BID",
"id": "65864",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-70042",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70042"
},
{
"db": "BID",
"id": "65864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"id": "VAR-201402-0383",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-70042"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:21:29.302000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco IPS MainApp SNMP Denial of Service Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2103"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70042"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2103"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2103"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2103"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-70042"
},
{
"db": "BID",
"id": "65864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-70042"
},
{
"db": "BID",
"id": "65864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-27T00:00:00",
"db": "VULHUB",
"id": "VHN-70042"
},
{
"date": "2014-02-27T00:00:00",
"db": "BID",
"id": "65864"
},
{
"date": "2014-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"date": "2014-02-27T20:55:06.957000",
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"date": "2014-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-28T00:00:00",
"db": "VULHUB",
"id": "VHN-70042"
},
{
"date": "2014-03-07T00:52:00",
"db": "BID",
"id": "65864"
},
{
"date": "2014-03-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001512"
},
{
"date": "2014-02-28T16:48:16.063000",
"db": "NVD",
"id": "CVE-2014-2103"
},
{
"date": "2014-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Intrusion Prevention System Service disruption in software (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-001512"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-473"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…