Cisco Unified Computing System E-Series SSH Packet Handling Denial of Service Vulnerability

Bugtraq ID:	69652
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2014-3348
Remote:	Yes
Local:	No
Published:	Sep 05 2014 12:00AM
Updated:	Sep 05 2014 12:00AM
Credit:	Cisco
Vulnerable:	Cisco Unified Computing System E-Series Software (UCSE) 2.2.2 Cisco Unified Computing System E-Series Software (UCSE) 2.1 Cisco Unified Computing System E-Series Software (UCSE) 1.0.2 Cisco Unified Computing System E-Series Software (UCSE) 1.0.1
Not Vulnerable:

Cisco Unified Computing System E-Series SSH Packet Handling Denial of Service Vulnerability

Cisco Unified Computing System E-Series are prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to cause the affected device to become unresponsive, denying service to legitimate users.

This issue is being tracked by Cisco Bug ID CSCuo69206.

Cisco Unified Computing System E-Series SSH Packet Handling Denial of Service Vulnerability

Attackers can use standard, readily available tools to exploit this issue.

Cisco Unified Computing System E-Series SSH Packet Handling Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco Unified Computing System E-Series SSH Packet Handling Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco Integrated Management Controller SSH Denial of Service Vulnerability (Cisco)
  
• Cisco Integrated Management Controller SSH Denial of Service Vulnerability (Cisco)