Details of VAR-201410-1003

ID

VAR-201410-1003

CVE

CVE-2014-3384

TITLE

Cisco ASA Software IKEv2 Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2014-004658

DESCRIPTION

The IKEv2 implementation in Cisco ASA Software 8.4 before 8.4(7.15), 8.6 before 8.6(1.14), 9.0 before 9.0(4.8), and 9.1 before 9.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted packet that is sent during tunnel creation, aka Bug ID CSCum96401. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is tracked by Cisco Bug ID CSCum96401. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more. The vulnerability is caused by the program's improper handling of IKEv2 packets. The following versions are affected: Cisco ASA Software 8.4 prior to 8.4(7.15), 8.6 prior to 8.6(1.14), 9.0 prior to 9.0(4.8), 9.1 prior to 9.1(5.1)

Trust: 1.98

sources: NVD: CVE-2014-3384 // JVNDB: JVNDB-2014-004658 // BID: 70294 // VULHUB: VHN-71324

AFFECTED PRODUCTS

vendor:	cisco	model:	asa	scope:	eq	version:	8.4	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.4.2	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.4.3	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	9.0	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.4.4	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	9.1.5	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.4.1	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	8.6.1	Trust: 1.6
vendor:	cisco	model:	asa	scope:	eq	version:	9.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(5.1)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(7.15)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(4.8)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	(asa)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6(1.14)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.6	Trust: 0.8

sources: JVNDB: JVNDB-2014-004658 // CNNVD: CNNVD-201410-207 // NVD: CVE-2014-3384

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-3384
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-3384
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201410-207
value:	HIGH
Trust: 0.6
VULHUB:	VHN-71324
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-3384
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-71324
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-71324 // JVNDB: JVNDB-2014-004658 // CNNVD: CNNVD-201410-207 // NVD: CVE-2014-3384

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-71324 // JVNDB: JVNDB-2014-004658 // NVD: CVE-2014-3384

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201410-207

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201410-207

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-004658

PATCH

title:	cisco-sa-20141008-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa	Trust: 0.8
title:	4718/0	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4718&signatureSubId=0&softwareVersion=6.0&releaseVersion=S827	Trust: 0.8
title:	4718/1	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4718&signatureSubId=1&softwareVersion=6.0&releaseVersion=S827	Trust: 0.8
title:	4718/2	url:	http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=4718&signatureSubId=2&softwareVersion=6.0&releaseVersion=S827	Trust: 0.8
title:	35907	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=35907	Trust: 0.8
title:	cisco-sa-20141008-asa	url:	http://www.cisco.com/cisco/web/support/JP/112/1126/1126286_cisco-sa-20141008-asa-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2014-004658

EXTERNAL IDS

db:	NVD	id:	CVE-2014-3384	Trust: 2.8
db:	JVNDB	id:	JVNDB-2014-004658	Trust: 0.8
db:	CNNVD	id:	CNNVD-201410-207	Trust: 0.7
db:	BID	id:	70294	Trust: 0.4
db:	VULHUB	id:	VHN-71324	Trust: 0.1

sources: VULHUB: VHN-71324 // BID: 70294 // JVNDB: JVNDB-2014-004658 // CNNVD: CNNVD-201410-207 // NVD: CVE-2014-3384

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141008-asa	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3384	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3384	Trust: 0.8
url:	www.cisco.com	Trust: 0.3

sources: VULHUB: VHN-71324 // BID: 70294 // JVNDB: JVNDB-2014-004658 // CNNVD: CNNVD-201410-207 // NVD: CVE-2014-3384

CREDITS

Cisco

Trust: 0.3

sources: BID: 70294

SOURCES

db:	VULHUB	id:	VHN-71324
db:	BID	id:	70294
db:	JVNDB	id:	JVNDB-2014-004658
db:	CNNVD	id:	CNNVD-201410-207
db:	NVD	id:	CVE-2014-3384

LAST UPDATE DATE

2025-04-13T23:18:15.592000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-71324	date:	2014-10-13T00:00:00
db:	BID	id:	70294	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004658	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-207	date:	2014-10-14T00:00:00
db:	NVD	id:	CVE-2014-3384	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-71324	date:	2014-10-10T00:00:00
db:	BID	id:	70294	date:	2014-10-08T00:00:00
db:	JVNDB	id:	JVNDB-2014-004658	date:	2014-10-14T00:00:00
db:	CNNVD	id:	CNNVD-201410-207	date:	2014-10-14T00:00:00
db:	NVD	id:	CVE-2014-3384	date:	2014-10-10T10:55:06.243