Sign-up

ID

VAR-201404-0584


CVE

CVE-2014-2155


TITLE

Cisco CNS Network Registrar of DHCPv6 Service operation interruption in server module (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-002193

DESCRIPTION

The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437. Vendors have confirmed this vulnerability Bug ID CSCuo07437 It is released as.Malformed by a third party DHCPv6 Service disruption via packets ( Daemon reload ) There is a possibility of being put into a state. Cisco Network Registrar is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCuo07437. CNS Network Registrar 7.1 is vulnerable; other versions may also be affected

Trust: 1.98

sources: NVD: CVE-2014-2155 // JVNDB: JVNDB-2014-002193 // BID: 66975 // VULHUB: VHN-70094

AFFECTED PRODUCTS

vendor:ciscomodel:cns network registrarscope:eqversion:7.1

Trust: 2.7

sources: BID: 66975 // JVNDB: JVNDB-2014-002193 // CNNVD: CNNVD-201404-400 // NVD: CVE-2014-2155

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-2155
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-2155
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201404-400
value: MEDIUM

Trust: 0.6

VULHUB: VHN-70094
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-2155
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-70094
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-70094 // JVNDB: JVNDB-2014-002193 // CNNVD: CNNVD-201404-400 // NVD: CVE-2014-2155

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-70094 // JVNDB: JVNDB-2014-002193 // NVD: CVE-2014-2155

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201404-400

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201404-400

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-002193

PATCH
title:Cisco Network Registrar DHCPv6 Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2155
Trust: 0.8
title:33850url:http://tools.cisco.com/security/center/viewAlert.x?alertId=33850
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-002193

EXTERNAL IDS
db:NVDid:CVE-2014-2155
Trust: 2.8
db:JVNDBid:JVNDB-2014-002193
Trust: 0.8
db:CNNVDid:CNNVD-201404-400
Trust: 0.7
db:SECUNIAid:57971
Trust: 0.6
db:CISCOid:20140417 CISCO NETWORK REGISTRAR DHCPV6 DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:BIDid:66975
Trust: 0.4
db:VULHUBid:VHN-70094
Trust: 0.1
sources:
            
            
            VULHUB: VHN-70094 // 
            
            
            
            BID: 66975 // 
            
            
            
            JVNDB: JVNDB-2014-002193 // 
            
            
            
            CNNVD: CNNVD-201404-400 // 
            
            
            
            NVD: CVE-2014-2155

REFERENCES
url:http://tools.cisco.com/security/center/viewalert.x?alertid=33850
Trust: 2.0
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-2155
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2155
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2155
Trust: 0.8
url:http://secunia.com/advisories/57971
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-70094 // 
            
            
            
            BID: 66975 // 
            
            
            
            JVNDB: JVNDB-2014-002193 // 
            
            
            
            CNNVD: CNNVD-201404-400 // 
            
            
            
            NVD: CVE-2014-2155

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 66975

SOURCES
db:VULHUBid:VHN-70094
db:BIDid:66975
db:JVNDBid:JVNDB-2014-002193
db:CNNVDid:CNNVD-201404-400
db:NVDid:CVE-2014-2155

LAST UPDATE DATE
2025-04-13T23:14:51.322000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-70094date:2014-04-21T00:00:00
db:BIDid:66975date:2014-04-18T00:00:00
db:JVNDBid:JVNDB-2014-002193date:2014-04-23T00:00:00
db:CNNVDid:CNNVD-201404-400date:2014-04-23T00:00:00
db:NVDid:CVE-2014-2155date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-70094date:2014-04-19T00:00:00
db:BIDid:66975date:2014-04-18T00:00:00
db:JVNDBid:JVNDB-2014-002193date:2014-04-23T00:00:00
db:CNNVDid:CNNVD-201404-400date:2014-04-23T00:00:00
db:NVDid:CVE-2014-2155date:2014-04-19T21:55:07.087