CVE-2004-0714

CWE-3994 documents4 sources

Severity

5.0MEDIUM

EPSS

2.6%

top 14.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS Cisco Optical Networking Systems Software

Timeline

PublishedJul 27

Latest updateApr 29

Description

Cisco Internetwork Operating System (IOS) 12.0S through 12.3T attempts to process SNMP solicited operations on improper ports (UDP 162 and a randomly chosen UDP port), which allows remote attackers to cause a denial of service (device reload and memory corruption).

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDcisco/optical_networking_systems_software13 versions+12

▶NVDcisco/ios62 versions+61

Patches

Patch: www.cisco.com ↗Patch: www.kb.cert.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vmv3-ppc5-6979: Cisco Internetwork Operating System (IOS) 12↗2022-04-29

▶

CVEList

CVE-2004-0714: Cisco Internetwork Operating System (IOS) 12↗2004-07-21

▶

📋Vendor Advisories

Cisco

Vulnerabilities in SNMP Message Processing↗2004-04-20

▶