Lucene search
K

8 matches found

CVE
CVE
added 2014/10/10 10:0 a.m.56 views

CVE-2014-3382

The CVE-2014-3382 entry corresponds to a DoS in Cisco ASA's SQLNET Inspection Engine. A remote attacker can trigger a device reload by sending crafted SQL REDIRECT packets, affecting ASA Software releases listed in the advisory (7.2–9.1 family with specific sub-versions). The vulnerability is tie...

7.8CVSS7.2AI score0.01377EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.51 views

CVE-2014-3383

CVE-2014-3383 affects Cisco ASA Software 9.1 before 9.1(5.1). The IKE implementation in the VPN component can be triggered by crafted UDP packets, allowing a remote attacker to cause a denial of service (device reload). Affected description is supported by multiple sources in the provided connect...

7.8CVSS6.6AI score0.01333EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.48 views

CVE-2014-3385

CVE-2014-3385 is a race condition in the Health and Performance Monitoring (HPM) feature of Cisco ASA Software that can be exploited by sending a large number of half-open TCP connections to trigger a device reload and DoS. Affected ASA versions include 8.3 (before 8.3(2.42)), 8.4 (before 8.4(7.1...

7.8CVSS6.7AI score0.01007EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.47 views

CVE-2014-3389

CVE-2014-3389 affects Cisco ASA VPN Failover component. The vulnerability arises from an improper implementation of the internal tunnel-filter for packets from an established VPN tunnel, allowing remote authenticated users to obtain failover-unit access via crafted packets. Connected advisories c...

9CVSS6.2AI score0.02797EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.46 views

CVE-2014-3388

Cisco ASA DNS Inspection Engine DoS vulnerability (CVE-2014-3388) affects ASA Software 9.0 before 9.0(4.13), 9.1 before 9.1(5.7), and 9.2 before 9.2(2). A remote attacker can cause a device reload by sending crafted DNS packets, as described in Cisco’s advisory and CVE entry. Affected component i...

7.8CVSS6.6AI score0.01328EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.41 views

CVE-2014-3387

Summary (CVE-2014-3387): The SunRPC Inspection Engine in Cisco ASA Software Vulnerable in listed release ranges (7.2 before 7.2(5.14), 8.x before 8.2(5.51), 8.3 before 8.3(2.42), 8.4 before 8.4(7.23), 8.5 before 8.5(1.21), 8.6 before 8.6(1.14), 8.7 before 8.7(1.13), 9.0 before 9.0(4.5), 9.1 befor...

7.8CVSS6.6AI score0.01328EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.40 views

CVE-2014-3384

CVE-2014-3384 affects Cisco ASA Software: IKEv2 implementation can be exploited by remote attackers to cause a denial of service (device reload) during tunnel creation. The vulnerability stems from the IKEv2 code handling crafted packets, with validated impact across listed versions: 8.4 before 8...

7.8CVSS6.5AI score0.01614EPSS
CVE
CVE
added 2014/10/10 10:0 a.m.38 views

CVE-2014-3386

The CVE-2014-3386 entry concerns Cisco ASA Software, affecting the GPRS Tunneling Protocol (GTP) inspection engine. The vulnerability allows an unauthenticated, remote attacker to cause a denial of service (device reload) by sending a crafted sequence of GTP packets (Bug ID CSCum56399). Affected ...

7.8CVSS6.5AI score0.01887EPSS