Vulnerability-Lookup

CVE-2014-3348 (GCVE-0-2014-3348)

Vulnerability from cvelistv5 – Published: 2014-09-10 10:00 – Updated: 2024-08-06 10:43

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/viewAlert.…	x_refsource_CONFIRM
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/69652	vdb-entryx_refsource_BID
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id/1030813	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:43:05.120Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
          },
          {
            "name": "20140908 Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
          },
          {
            "name": "69652",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/69652"
          },
          {
            "name": "20140905 Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
          },
          {
            "name": "1030813",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030813"
          },
          {
            "name": "cisco-ucs-cve20143348-dos(95782)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
        },
        {
          "name": "20140908 Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
        },
        {
          "name": "69652",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/69652"
        },
        {
          "name": "20140905 Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
        },
        {
          "name": "1030813",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030813"
        },
        {
          "name": "cisco-ucs-cve20143348-dos(95782)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-3348",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588",
              "refsource": "CONFIRM",
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
            },
            {
              "name": "20140908 Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
            },
            {
              "name": "69652",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/69652"
            },
            {
              "name": "20140905 Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
            },
            {
              "name": "1030813",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030813"
            },
            {
              "name": "cisco-ucs-cve20143348-dos(95782)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-3348",
    "datePublished": "2014-09-10T10:00:00",
    "dateReserved": "2014-05-07T00:00:00",
    "dateUpdated": "2024-08-06T10:43:05.120Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-3348\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2014-09-10T10:55:07.880\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.\"},{\"lang\":\"es\",\"value\":\"El m\u00f3dulo SSH en Integrated Management Controller (IMC) anterior a 2.3.1 en Cisco Unified Computing System en los servidores Blade de la serie E permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de IMC) a trav\u00e9s de un paquete SSH manipulado, tambi\u00e9n conocido como Bug ID CSCuo69206.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.2.2\",\"matchCriteriaId\":\"EAF09AB9-C7C5-41A0-8243-A2FD9D6C6CB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e140d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F30BDCDE-8746-4ECA-BB19-E5D775713BD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e140dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9816FB73-843E-4143-BAF2-92C81F001A85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e140s_m1:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F0A53A-C719-4754-903D-82860992FCD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e140s_m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8FFC8E7-3E49-46A8-93DB-55C055E351C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e160d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"564A88A9-365B-4E1C-A94B-30C3CE9F4EDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_e160dp:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45511277-2E73-4D5B-895F-4A3DAE703977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:unified_computing_system_en120s_m2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EF4893B-6758-49C7-89CF-95773F8EC603\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=35588\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/69652\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1030813\",\"source\":\"psirt@cisco.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95782\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/viewAlert.x?alertId=35588\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/69652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1030813\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/95782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2014-3348

Vulnerability from fkie_nvd - Published: 2014-09-10 10:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse	Vendor Advisory
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348	Vendor Advisory
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=35588	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/69652
psirt@cisco.com	http://www.securitytracker.com/id/1030813
psirt@cisco.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/95782
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=35588	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/69652
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1030813
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/95782

Impacted products

Vendor	Product	Version
cisco	integrated_management_controller	*
cisco	unified_computing_system_e140d	-
cisco	unified_computing_system_e140dp	-
cisco	unified_computing_system_e140s_m1	-
cisco	unified_computing_system_e140s_m2	-
cisco	unified_computing_system_e160d	-
cisco	unified_computing_system_e160dp	-
cisco	unified_computing_system_en120s_m2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAF09AB9-C7C5-41A0-8243-A2FD9D6C6CB0",
              "versionEndIncluding": "2.2.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e140d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30BDCDE-8746-4ECA-BB19-E5D775713BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e140dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9816FB73-843E-4143-BAF2-92C81F001A85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e140s_m1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8F0A53A-C719-4754-903D-82860992FCD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e140s_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FFC8E7-3E49-46A8-93DB-55C055E351C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e160d:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "564A88A9-365B-4E1C-A94B-30C3CE9F4EDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_e160dp:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45511277-2E73-4D5B-895F-4A3DAE703977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:unified_computing_system_en120s_m2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EF4893B-6758-49C7-89CF-95773F8EC603",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206."
    },
    {
      "lang": "es",
      "value": "El m\u00f3dulo SSH en Integrated Management Controller (IMC) anterior a 2.3.1 en Cisco Unified Computing System en los servidores Blade de la serie E permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de IMC) a trav\u00e9s de un paquete SSH manipulado, tambi\u00e9n conocido como Bug ID CSCuo69206."
    }
  ],
  "id": "CVE-2014-3348",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-09-10T10:55:07.880",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/69652"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1030813"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/69652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1030813"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201409-0398

Vulnerability from variot - Updated: 2025-04-13 23:25

The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206. Cisco Unified Computing System E-Series are prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to cause the affected device to become unresponsive, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuo69206

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201409-0398",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified computing system e160d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system en120s m2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system e140d",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "integrated management controller",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "2.2.2"
      },
      {
        "model": "unified computing system e160dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system e140dp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system e140s m1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified computing system e140s m2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "integrated management controller",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "2.3.1"
      },
      {
        "model": "ucs e140d",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs e140dp",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs e140s m1",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs e140s m2",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs e160d",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs e160dp",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "ucs en120s m2",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "integrated management controller",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "2.2.2"
      },
      {
        "model": "unified computing system e-series software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.2.2"
      },
      {
        "model": "unified computing system e-series software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "2.1"
      },
      {
        "model": "unified computing system e-series software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0.2"
      },
      {
        "model": "unified computing system e-series software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "69652"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:cisco:integrated_management_controller",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e140d",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e140dp",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e140s_m1",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e140s_m2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e160d",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_e160dp",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:unified_computing_system_en120s_m2",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "69652"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-3348",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2014-3348",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-71288",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2014-3348",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2014-3348",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201409-448",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-71288",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206. Cisco Unified Computing System E-Series are prone to a remote denial-of-service vulnerability. \nAttackers can exploit this issue to cause the affected device to become  unresponsive, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuo69206",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "BID",
        "id": "69652"
      },
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-3348",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "69652",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1030813",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-71288",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "db": "BID",
        "id": "69652"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "id": "VAR-201409-0398",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-13T23:25:22.906000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20140908-ucse",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
      },
      {
        "title": "Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
      },
      {
        "title": "35588",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
      },
      {
        "title": "35308",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=35308"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-119",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3348"
      },
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=35588"
      },
      {
        "trust": 1.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140908-ucse"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/69652"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1030813"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3348"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3348"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "db": "BID",
        "id": "69652"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "db": "BID",
        "id": "69652"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-09-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "date": "2014-09-05T00:00:00",
        "db": "BID",
        "id": "69652"
      },
      {
        "date": "2014-09-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "date": "2014-09-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "date": "2014-09-10T10:55:07.880000",
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-71288"
      },
      {
        "date": "2014-09-05T00:00:00",
        "db": "BID",
        "id": "69652"
      },
      {
        "date": "2014-11-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      },
      {
        "date": "2014-09-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      },
      {
        "date": "2025-04-12T10:46:40.837000",
        "db": "NVD",
        "id": "CVE-2014-3348"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Unified Computing System E Series blade server  Integrated Management Controller of  SSH Service disruption in modules  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-004131"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201409-448"
      }
    ],
    "trust": 0.6
  }
}

GSD-2014-3348

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3348

Aliases

CVE-2014-3348

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3348",
    "description": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.",
    "id": "GSD-2014-3348"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3348"
      ],
      "details": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.",
      "id": "GSD-2014-3348",
      "modified": "2023-12-13T01:22:52.993074Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2014-3348",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588",
            "refsource": "CONFIRM",
            "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
          },
          {
            "name": "20140908 Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
          },
          {
            "name": "69652",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/69652"
          },
          {
            "name": "20140905 Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
          },
          {
            "name": "1030813",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1030813"
          },
          {
            "name": "cisco-ucs-cve20143348-dos(95782)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:cisco:integrated_management_controller:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.2.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e140s_m1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e140s_m2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_en120s_m2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e140d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e140dp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e160d:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:unified_computing_system_e160dp:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-3348"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140905 Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
            },
            {
              "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
            },
            {
              "name": "20140908 Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
            },
            {
              "name": "1030813",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1030813"
            },
            {
              "name": "69652",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/69652"
            },
            {
              "name": "cisco-ucs-cve20143348-dos(95782)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-29T01:34Z",
      "publishedDate": "2014-09-10T10:55Z"
    }
  }
}

GHSA-7V92-W294-RHVV

Vulnerability from github – Published: 2022-05-17 01:25 – Updated: 2022-05-17 01:25

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-3348"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-09-10T10:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The SSH module in the Integrated Management Controller (IMC) before 2.3.1 in Cisco Unified Computing System on E-Series blade servers allows remote attackers to cause a denial of service (IMC hang) via a crafted SSH packet, aka Bug ID CSCuo69206.",
  "id": "GHSA-7v92-w294-rhvv",
  "modified": "2022-05-17T01:25:00Z",
  "published": "2022-05-17T01:25:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3348"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95782"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140908-ucse"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3348"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35588"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/69652"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1030813"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTFR-2014-AVI-374

Vulnerability from certfr_avis - Published: 2014-09-09 - Updated: 2014-09-09

Une vulnérabilité a été corrigée dans Cisco Unified Computing System. Elle permet à un attaquant de provoquer un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco UCS E140D
Cisco	N/A	Cisco UCS EN120S M2
Cisco	N/A	Cisco UCS E140S M2
Cisco	N/A	Cisco UCS E140DP
Cisco	N/A	Cisco UCS E160DP
Cisco	N/A	Cisco UCS E140S M1
Cisco	N/A	Cisco UCS E160D

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3348 (GCVE-0-2014-3348)

FKIE_CVE-2014-3348

VAR-201409-0398

GSD-2014-3348

GHSA-7V92-W294-RHVV

CERTFR-2014-AVI-374

Solution

Tags

Sightings

Nomenclature