CVE-2014-3347 — Cisco IOS vulnerability

CWE-3994 documents4 sources
Severity
5.4MEDIUMNVD
EPSS
0.4%
top 40.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco IOS
Timeline
PublishedAug 28
Latest updateMay 17

Description

Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897.

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages1 packages

â–¶NVDcisco/ios15.1\(4\)m2

🔴Vulnerability Details

2
GHSA
GHSA-w2gc-qf48-fjxq: Cisco IOS 15↗2022-05-17
â–¶
CVEList
CVE-2014-3347: Cisco IOS 15↗2014-08-28
â–¶

📋Vendor Advisories

1
Cisco
Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability↗2014-08-28
â–¶
CVE-2014-3347 — Cisco IOS vulnerability | cvebase