CVE-2014-0710

CWE-362 — Race Condition4 documents4 sources

Severity

7.1HIGH

EPSS

0.3%

top 45.92%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firewall Services Module Software

Timeline

PublishedFeb 22

Latest updateMay 17

Description

Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and 4.x before 4.1(15) allows remote attackers to cause a denial of service (device reload) via certain matching traffic, aka Bug ID CSCuj16824.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/firewall_services_module_software79 versions+78

🔴Vulnerability Details

GHSA

GHSA-c4f3-q22x-8756: Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3↗2022-05-17

▶

CVEList

CVE-2014-0710: Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3↗2014-02-22

▶

📋Vendor Advisories

Cisco

Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability↗2014-02-20

▶