CVE-2014-3331

CWE-20Improper Input ValidationCWE-129Improper Array Index Validation6 documents6 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 46.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco ASR 5000 Series Software
Timeline
PublishedAug 20
Latest updateMay 17

Description

The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 11.0, 12.0, 12.1, 12.2, 14.0, 15.0, 16.x through 16.1.2, and 17.0 allows remote attackers to cause a denial of service (process crash) via a crafted TCP packet, aka Bug ID CSCuo21914.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-w2m9-fj8g-ffm2: The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 112022-05-17
OSV
linux-lts-utopic vulnerabilities2015-05-20
CVEList
CVE-2014-3331: The Session Manager component in Packet Data Network Gateway (aka PGW) in Cisco ASR 5000 Series Software 112014-08-20

📋Vendor Advisories

1
Cisco
Cisco Packet Data Network Gateway Denial of Service Vulnerability2014-08-19
CVE-2014-3331 (MEDIUM CVSS 4.3) | The Session Manager component in Pa | cvebase.io