Sign-up

ID

VAR-201406-0313


CVE

CVE-2014-3299


TITLE

Cisco IOS Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-003030

DESCRIPTION

Cisco IOS allows remote authenticated users to cause a denial of service (device reload) via malformed IPsec packets, aka Bug ID CSCui79745. Cisco IOS There is a service disruption ( Device reload ) There are vulnerabilities that are put into a state. Cisco IOS is the interconnected network operating system used on most Cisco system routers and network switches. Allowing authenticated remote attackers to cause device overloading. This issue is being tracked by Cisco Bug ID CSCui79745

Trust: 2.52

sources: NVD: CVE-2014-3299 // JVNDB: JVNDB-2014-003030 // CNVD: CNVD-2014-03881 // BID: 68177 // VULHUB: VHN-71239

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-03881

AFFECTED PRODUCTS

vendor:ciscomodel:iosscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:iosscope:lteversion:15.4(2)t

Trust: 0.8

vendor:ciscomodel:iosscope: - version: -

Trust: 0.6

vendor:ciscomodel:ios 15.4 tscope: - version: -

Trust: 0.6

vendor:rockwellmodel:automation stratixscope:eqversion:59000

Trust: 0.3

vendor:ciscomodel:ios 15.4tscope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 15.4 t3scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 15.4 t2scope: - version: -

Trust: 0.3

vendor:ciscomodel:ios 15.4 t1scope: - version: -

Trust: 0.3

vendor:rockwellmodel:automation stratixscope:neversion:590015.6.3

Trust: 0.3

sources: CNVD: CNVD-2014-03881 // BID: 68177 // JVNDB: JVNDB-2014-003030 // CNNVD: CNNVD-201406-598 // NVD: CVE-2014-3299

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-3299
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-3299
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2014-03881
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201406-598
value: MEDIUM

Trust: 0.6

VULHUB: VHN-71239
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-3299
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2014-03881
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-71239
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2014-03881 // VULHUB: VHN-71239 // JVNDB: JVNDB-2014-003030 // CNNVD: CNNVD-201406-598 // NVD: CVE-2014-3299

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-71239 // JVNDB: JVNDB-2014-003030 // NVD: CVE-2014-3299

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201406-598

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201406-598

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-003030

PATCH
title:Cisco IOS Software IPsec Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3299
Trust: 0.8
title:34704url:http://tools.cisco.com/security/center/viewAlert.x?alertId=34704
Trust: 0.8
title:Patch for Remote Refusal Service Vulnerability in Cisco IOS Malformed IPsec Packageurl:https://www.cnvd.org.cn/patchInfo/show/46755
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2014-03881 // 
            
            
            
            JVNDB: JVNDB-2014-003030

EXTERNAL IDS
db:NVDid:CVE-2014-3299
Trust: 3.4
db:BIDid:68177
Trust: 2.0
db:SECTRACKid:1030473
Trust: 1.1
db:SECUNIAid:59382
Trust: 1.1
db:JVNDBid:JVNDB-2014-003030
Trust: 0.8
db:CNNVDid:CNNVD-201406-598
Trust: 0.7
db:OSVDBid:108377
Trust: 0.6
db:CNVDid:CNVD-2014-03881
Trust: 0.6
db:ICS CERTid:ICSA-17-094-04
Trust: 0.3
db:VULHUBid:VHN-71239
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2014-03881 // 
            
            
            
            VULHUB: VHN-71239 // 
            
            
            
            BID: 68177 // 
            
            
            
            JVNDB: JVNDB-2014-003030 // 
            
            
            
            CNNVD: CNNVD-201406-598 // 
            
            
            
            NVD: CVE-2014-3299

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3299
Trust: 2.6
url:http://www.securityfocus.com/bid/68177
Trust: 1.1
url:http://www.securitytracker.com/id/1030473
Trust: 1.1
url:http://secunia.com/advisories/59382
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3299
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3299
Trust: 0.8
url:http://osvdb.com/show/osvdb/108377
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/viewalert.x?alertid=34704
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-094-04
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2014-03881 // 
            
            
            
            VULHUB: VHN-71239 // 
            
            
            
            BID: 68177 // 
            
            
            
            JVNDB: JVNDB-2014-003030 // 
            
            
            
            CNNVD: CNNVD-201406-598 // 
            
            
            
            NVD: CVE-2014-3299

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 68177

SOURCES
db:CNVDid:CNVD-2014-03881
db:VULHUBid:VHN-71239
db:BIDid:68177
db:JVNDBid:JVNDB-2014-003030
db:CNNVDid:CNNVD-201406-598
db:NVDid:CVE-2014-3299

LAST UPDATE DATE
2025-04-13T22:28:15.306000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2014-03881date:2014-06-26T00:00:00
db:VULHUBid:VHN-71239date:2017-01-12T00:00:00
db:BIDid:68177date:2017-05-23T16:25:00
db:JVNDBid:JVNDB-2014-003030date:2014-06-26T00:00:00
db:CNNVDid:CNNVD-201406-598date:2014-06-27T00:00:00
db:NVDid:CVE-2014-3299date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2014-03881date:2014-06-26T00:00:00
db:VULHUBid:VHN-71239date:2014-06-25T00:00:00
db:BIDid:68177date:2014-06-24T00:00:00
db:JVNDBid:JVNDB-2014-003030date:2014-06-26T00:00:00
db:CNNVDid:CNNVD-201406-598date:2014-06-27T00:00:00
db:NVDid:CVE-2014-3299date:2014-06-25T11:19:21.963