Details of VAR-201403-0478

ID

VAR-201403-0478

CVE

CVE-2014-2109

TITLE

Cisco IOS of TCP Input Denial of service in module (DoS) Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2014-001828

DESCRIPTION

The TCP Input module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4, when NAT is used, allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted TCP packets, aka Bug IDs CSCuh33843 and CSCuj41494. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. This issue is being tracked by Cisco Bug ID CSCue00996, CSCuh33843 and CSCuj41494

Trust: 2.61

sources: NVD: CVE-2014-2109 // JVNDB: JVNDB-2014-001828 // CNVD: CNVD-2014-01994 // BID: 66470 // VULHUB: VHN-70048 // VULMON: CVE-2014-2109

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-01994

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.0	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.3	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.2 to 12.4	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	15.0 to 15.4	Trust: 0.8
vendor:	cisco	model:	ios software	scope:	-	version:	-	Trust: 0.6
vendor:	rockwell	model:	automation stratix	scope:	eq	version:	59000	Trust: 0.3
vendor:	cisco	model:	ios 15.4s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.3s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2snh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.2e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1snh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1sng	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1sg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1gc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.1ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 15.0m	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.4xv	Trust: 0.3
vendor:	cisco	model:	ios 12.4xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xnf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xne	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xnd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xnc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xnb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xna	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sre	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2srd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2src	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2srb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sra	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2seg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2scf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sce	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2scd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2scc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2scb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sca	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ixh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ixg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2iri	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ire	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ird	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2irb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ez	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ex	scope:	-	version:	-	Trust: 0.3
vendor:	rockwell	model:	automation stratix	scope:	ne	version:	590015.6.3	Trust: 0.3

sources: CNVD: CNVD-2014-01994 // BID: 66470 // JVNDB: JVNDB-2014-001828 // CNNVD: CNNVD-201403-509 // NVD: CVE-2014-2109

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-2109
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-2109
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-01994
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201403-509
value:	HIGH
Trust: 0.6
VULHUB:	VHN-70048
value:	HIGH
Trust: 0.1
VULMON:	CVE-2014-2109
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-2109
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2014-01994
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-70048
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-01994 // VULHUB: VHN-70048 // VULMON: CVE-2014-2109 // JVNDB: JVNDB-2014-001828 // CNNVD: CNNVD-201403-509 // NVD: CVE-2014-2109

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-70048 // JVNDB: JVNDB-2014-001828 // NVD: CVE-2014-2109

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201403-509

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201403-509

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-001828

PATCH

title:	cisco-sa-20140326-nat	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140326-nat	Trust: 0.8
title:	33347	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=33347	Trust: 0.8
title:	cisco-sa-20140326-nat	url:	http://www.cisco.com/cisco/web/support/JP/112/1122/1122245_cisco-sa-20140326-nat-j.html	Trust: 0.8
title:	Cisco IOS TCP Traffic NAT Handling Patch for Memory Leaking Remote Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/44538	Trust: 0.6
title:	Cisco: Cisco IOS Software Network Address Translation Vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20140326-nat	Trust: 0.1

sources: CNVD: CNVD-2014-01994 // VULMON: CVE-2014-2109 // JVNDB: JVNDB-2014-001828

EXTERNAL IDS

db:	NVD	id:	CVE-2014-2109	Trust: 3.5
db:	BID	id:	66470	Trust: 2.1
db:	SECUNIA	id:	57630	Trust: 1.2
db:	JVNDB	id:	JVNDB-2014-001828	Trust: 0.8
db:	CNNVD	id:	CNNVD-201403-509	Trust: 0.7
db:	OSVDB	id:	104971	Trust: 0.6
db:	CNVD	id:	CNVD-2014-01994	Trust: 0.6
db:	CISCO	id:	20140326 CISCO IOS SOFTWARE NETWORK ADDRESS TRANSLATION VULNERABILITIES	Trust: 0.6
db:	ICS CERT	id:	ICSA-17-094-04	Trust: 0.4
db:	VULHUB	id:	VHN-70048	Trust: 0.1
db:	VULMON	id:	CVE-2014-2109	Trust: 0.1

sources: CNVD: CNVD-2014-01994 // VULHUB: VHN-70048 // VULMON: CVE-2014-2109 // BID: 66470 // JVNDB: JVNDB-2014-001828 // CNNVD: CNNVD-201403-509 // NVD: CVE-2014-2109

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140326-nat	Trust: 2.8
url:	http://www.securityfocus.com/bid/66470	Trust: 1.3
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2109	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2109	Trust: 0.8
url:	http://osvdb.com/show/osvdb/104971	Trust: 0.6
url:	http://secunia.com/advisories/57630/	Trust: 0.6
url:	http://secunia.com/advisories/57630	Trust: 0.6
url:	https://ics-cert.us-cert.gov/advisories/icsa-17-094-04	Trust: 0.4
url:	http://www.cisco.com/public/sw-center/sw-ios.shtml	Trust: 0.3
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=33347	Trust: 0.3
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=33349	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2014-01994 // VULHUB: VHN-70048 // VULMON: CVE-2014-2109 // BID: 66470 // JVNDB: JVNDB-2014-001828 // CNNVD: CNNVD-201403-509 // NVD: CVE-2014-2109

CREDITS

Cisco

Trust: 0.3

sources: BID: 66470

SOURCES

db:	CNVD	id:	CNVD-2014-01994
db:	VULHUB	id:	VHN-70048
db:	VULMON	id:	CVE-2014-2109
db:	BID	id:	66470
db:	JVNDB	id:	JVNDB-2014-001828
db:	CNNVD	id:	CNNVD-201403-509
db:	NVD	id:	CVE-2014-2109

LAST UPDATE DATE

2025-04-13T21:39:45.033000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-01994	date:	2014-03-28T00:00:00
db:	VULHUB	id:	VHN-70048	date:	2017-05-23T00:00:00
db:	VULMON	id:	CVE-2014-2109	date:	2017-05-23T00:00:00
db:	BID	id:	66470	date:	2017-05-23T16:25:00
db:	JVNDB	id:	JVNDB-2014-001828	date:	2014-03-31T00:00:00
db:	CNNVD	id:	CNNVD-201403-509	date:	2014-03-28T00:00:00
db:	NVD	id:	CVE-2014-2109	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-01994	date:	2014-03-28T00:00:00
db:	VULHUB	id:	VHN-70048	date:	2014-03-27T00:00:00
db:	VULMON	id:	CVE-2014-2109	date:	2014-03-27T00:00:00
db:	BID	id:	66470	date:	2014-03-26T00:00:00
db:	JVNDB	id:	JVNDB-2014-001828	date:	2014-03-31T00:00:00
db:	CNNVD	id:	CNNVD-201403-509	date:	2014-03-28T00:00:00
db:	NVD	id:	CVE-2014-2109	date:	2014-03-27T21:55:09.033