Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3402

Опубликовано: 10 окт. 2014
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:*
Версия до 7.0\(8\)e4 (включая)
cpe:2.3:a:cisco:intrusion_prevention_system:7.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(1\)e3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(2\)e3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(2\)e4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(3\)e4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(4\)e4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(5a\)e4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(6\)e4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:intrusion_prevention_system:7.0\(7\)e4:*:*:*:*:*:*:*

EPSS

Процентиль: 64%
0.00474
Низкий

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

github логотип

GHSA-mxxp-82c5-w5g9

github
больше 3 лет назад

The authentication-manager process in the web framework in Cisco Intrusion Prevention System (IPS) 7.0(8)E4 and earlier in Cisco Intrusion Detection System (IDS) does not properly manage user tokens, which allows remote attackers to cause a denial of service (temporary MainApp hang) via a crafted connection request to the management interface, aka Bug ID CSCuq39550.

EPSS

Процентиль: 64%
0.00474
Низкий

5 Medium

CVSS2

Дефекты

CWE-287