Lucene search

[email protected]NVD:CVE-2014-3346

HistoryAug 29, 2014 - 9:55 a.m.

CVE-2014-3346

2014-08-2909:55:08

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

0.003

Percentile

70.5%

JSON

The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) does not validate an unspecified parameter, which allows remote authenticated users to cause a denial of service (service crash) via a crafted string, aka Bug ID CSCuq31819.

Affected configurations

Nvd

Node

ciscotransport_gateway_installation_softwareMatch4.0

VendorProductVersionCPE
ciscotransport_gateway_installation_software4.0cpe:2.3:a:cisco:transport_gateway_installation_software:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	transport_gateway_installation_software	4.0	cpe:2.3:a:cisco:transport_gateway_installation_software:4.0:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3346

www.securityfocus.com/bid/69441

www.securitytracker.com/id/1030773

exchange.xforce.ibmcloud.com/vulnerabilities/95588

CVSS2

6.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

AI Score

6.3

Confidence

High

EPSS

0.003

Percentile

70.5%

JSON

Related for NVD:CVE-2014-3346

cve1 prion1 cvelist1