CVE-2014-3406

CWE-362Race Condition5 documents5 sources
Severity
7.1HIGH
EPSS
0.3%
top 49.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Intrusion Prevention System
Timeline
PublishedOct 19
Latest updateMay 17

Description

Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1(7)E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-23fc-p3ph-rj82: Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 72022-05-17
CVEList
CVE-2014-3406: Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 72014-10-19

📋Vendor Advisories

1
Cisco
Cisco Intrusion Prevention System IP Logging Denial of Service Vulnerability2014-10-14

💬Community

1
Bugzilla
CVE-2014-3994 python-djblets: XSS Vulnerability in Djblets json_dumps()2014-06-09
CVE-2014-3406 (HIGH CVSS 7.1) | Race condition in the IP logging fe | cvebase.io