Lucene search
HistoryNov 28, 2014 - 2:59 a.m.
CVE-2014-3407
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
62.0%
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareRange≤9.3\(2\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | * | cpe:2.3:a:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:* |
Related
cisco
cisco
Cisco ASA Software SSL VPN Memory Blocks Exhaustion Vulnerability
2014-11-26 18:44:32
cvelist
cvelist
CVE-2014-3407
2014-11-28 02:00:00
cve
cve
CVE-2014-3407
2014-11-28 02:59:00
prion
prion
Design/Logic Flaw
2014-11-28 02:59:00
nessus
nessus
Cisco ASA SSL VPN Memory Blocks Exhaustion DoS (CSCuq68888)
2014-12-08 00:00:00
Fedora 20 : drupal7-7.32-1.fc20 (2014-13030)
2014-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: drupal7-7.32-1.fc20
2014-10-28 06:48:09
openvas
openvas
Fedora Update for drupal7 FEDORA-2014-13030
2014-10-29 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
62.0%
Related for NVD:CVE-2014-3407