CVE-2014-3347
Summary
| CVE | CVE-2014-3347 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-08-28 23:55:00 UTC |
| Updated | 2017-08-29 01:34:00 UTC |
| Description | Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid state of the hardware encryption module, aka Bug ID CSCul77897. |
Risk And Classification
Problem Types: CWE-399
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | 1801 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1801 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1802 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1802 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1803 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1803 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1811 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1811 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1812 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1812 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1841 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1841 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1861 Integrated Service Router | - | All | All | All |
| Hardware | Cisco | 1861 Integrated Service Router | - | All | All | All |
| Operating System | Cisco | Ios | 15.1(4)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.1\(4\)m2 | All | All | All |
| Operating System | Cisco | Ios | 15.1\(4\)m2 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco 1800 Series CVE-2014-3347 Denial of Service Vulnerability | BID | www.securityfocus.com | |
| Cisco 1800 Series Integrated Services Router ISDN Timing Error Lets Remote Users Deny Services - SecurityTracker | SECTRACK | www.securitytracker.com | |
| 20140827 Cisco 1800 Series ISR ISDN Basic Rate Interface Denial of Service Vulnerability | CISCO | tools.cisco.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| tools.cisco.com/security/center/viewAlert.x | CONFIRM | tools.cisco.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.