Sign-up

ID

VAR-201406-0102


CVE

CVE-2014-1997


TITLE

CN8000 vulnerable to denial-of-service (DoS)

Trust: 0.8

sources: JVNDB: JVNDB-2014-000046

DESCRIPTION

The ATEN CN8000 remote-access unit with firmware 1.6.154 and earlier allows remote attackers to cause a denial of service via unspecified vectors. CN8000 provided by ATEN contains a denial-of-service (DoS) vulnerability. CN8000 provided by ATEN is a remote access unit used to connect a keyboard, mouse and monitor to two or more computers in a remote location. CN8000 contains a denial-of-service (DoS) vulnerability. Testuya Nagata of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.A remote attacker may be able to cause a denial-of-service (DoS). ATEN IP KVM Switch is an IP-based multi-telephone switcher. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. ATEN CN8000 is a remote computer management device of ATEN Company that provides Over-IP remote management function for KVM multi-computer switcher

Trust: 2.52

sources: NVD: CVE-2014-1997 // JVNDB: JVNDB-2014-000046 // CNVD: CNVD-2014-03511 // BID: 67816 // VULHUB: VHN-69936

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-03511

AFFECTED PRODUCTS

vendor:atenmodel:cn8000scope:eqversion:1.6.154

Trust: 1.6

vendor:atenmodel:cn8000scope:eqversion: -

Trust: 1.0

vendor:atenmodel:cn8000scope: - version: -

Trust: 0.8

vendor:atenmodel:cn8000scope:lteversion:v1.6.154

Trust: 0.8

vendor:atenmodel:ip kvm cn8000scope:eqversion:1.6.154

Trust: 0.6

sources: CNVD: CNVD-2014-03511 // JVNDB: JVNDB-2014-000046 // CNNVD: CNNVD-201406-058 // NVD: CVE-2014-1997

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-1997
value: HIGH

Trust: 1.0

IPA: JVNDB-2014-000046
value: HIGH

Trust: 0.8

CNVD: CNVD-2014-03511
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201406-058
value: HIGH

Trust: 0.6

VULHUB: VHN-69936
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2014-1997
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2014-000046
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2014-03511
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-69936
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-03511 // VULHUB: VHN-69936 // JVNDB: JVNDB-2014-000046 // CNNVD: CNNVD-201406-058 // NVD: CVE-2014-1997

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2014-1997

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201406-058

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201406-058

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-000046

PATCH
title:CN8000, ATEN IP KVM switchurl:http://www.atenjapan.jp/products/KVM%E3%82%B9%E3%82%A4%E3%83%83%E3%83%81/IP-KVM%E3%82%B9%E3%82%A4%E3%83%83%E3%83%81/%E3%83%90%E3%83%BC%E3%83%81%E3%83%A3%E3%83%AB%E3%83%A1%E3%83%87%E3%82%A3%E3%82%A2%E5%AF%BE%E5%BF%9C-over-IP-KVM~CN8000.html
Trust: 0.8
title:ATEN IP KVM Switch has an unspecified denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/46229
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-03511 // 
            
            
            
            JVNDB: JVNDB-2014-000046

EXTERNAL IDS
db:NVDid:CVE-2014-1997
Trust: 3.4
db:JVNid:JVN78136804
Trust: 2.5
db:JVNDBid:JVNDB-2014-000046
Trust: 2.5
db:BIDid:67816
Trust: 2.0
db:CNNVDid:CNNVD-201406-058
Trust: 0.7
db:CNVDid:CNVD-2014-03511
Trust: 0.6
db:JVNid:JVN#78136804
Trust: 0.6
db:VULHUBid:VHN-69936
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-03511 // 
            
            
            
            VULHUB: VHN-69936 // 
            
            
            
            BID: 67816 // 
            
            
            
            JVNDB: JVNDB-2014-000046 // 
            
            
            
            CNNVD: CNNVD-201406-058 // 
            
            
            
            NVD: CVE-2014-1997

REFERENCES
url:http://jvn.jp/en/jp/jvn78136804/index.html
Trust: 2.5
url:http://jvndb.jvn.jp/jvndb/jvndb-2014-000046
Trust: 1.7
url:http://www.securityfocus.com/bid/67816
Trust: 1.1
url://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-1997
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-1997
Trust: 0.8
url:http://www.securityfocus.com/bid/67816/
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-03511 // 
            
            
            
            VULHUB: VHN-69936 // 
            
            
            
            JVNDB: JVNDB-2014-000046 // 
            
            
            
            CNNVD: CNNVD-201406-058 // 
            
            
            
            NVD: CVE-2014-1997

CREDITS
Testuya Nagata
Trust: 0.3
sources:
            
            
            BID: 67816

SOURCES
db:CNVDid:CNVD-2014-03511
db:VULHUBid:VHN-69936
db:BIDid:67816
db:JVNDBid:JVNDB-2014-000046
db:CNNVDid:CNNVD-201406-058
db:NVDid:CVE-2014-1997

LAST UPDATE DATE
2025-04-13T23:35:15.270000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-03511date:2014-06-10T00:00:00
db:VULHUBid:VHN-69936date:2014-06-18T00:00:00
db:BIDid:67816date:2014-06-04T00:00:00
db:JVNDBid:JVNDB-2014-000046date:2014-06-06T00:00:00
db:CNNVDid:CNNVD-201406-058date:2014-06-12T00:00:00
db:NVDid:CVE-2014-1997date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-03511date:2014-06-10T00:00:00
db:VULHUBid:VHN-69936date:2014-06-05T00:00:00
db:BIDid:67816date:2014-06-04T00:00:00
db:JVNDBid:JVNDB-2014-000046date:2014-06-04T00:00:00
db:CNNVDid:CNNVD-201406-058date:2014-06-06T00:00:00
db:NVDid:CVE-2014-1997date:2014-06-05T17:55:05.260