CVE-2014-2103

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.8MEDIUM

EPSS

0.4%

top 41.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Intrusion Prevention System

Timeline

PublishedFeb 27

Latest updateMay 17

Description

Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP packets, aka Bug IDs CSCum52355 and CSCul49309.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/intrusion_prevention_system15 versions+14

🔴Vulnerability Details

GHSA

GHSA-8wf5-m44j-r94p: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP pack↗2022-05-17

▶

CVEList

CVE-2014-2103: Cisco Intrusion Prevention System (IPS) Software allows remote attackers to cause a denial of service (MainApp process outage) via malformed SNMP pack↗2014-02-27

▶

📋Vendor Advisories

Cisco

Cisco IPS MainApp SNMP Denial of Service Vulnerability↗2014-03-03

▶