FKIE_CVE-2004-0710

Vulnerability from fkie_nvd - Published: 2004-07-27 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet.
References
cve@mitre.orghttp://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/904310Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.securityfocus.com/bid/10083Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/15797
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/904310Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10083Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/15797
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696
Impacted products
Vendor Product Version
cisco ios 12.2\(14\)sy
cisco ios 12.2\(14\)za
cisco ios 12.2\(14\)za2
cisco ios 12.2\(17a\)sxa
cisco ios 12.2sxa
cisco ios 12.2sxb
cisco ios 12.2sy
cisco ios 12.2za
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za:*:*:*:*:*:*:*",
              "matchCriteriaId": "26835676-2738-47CB-A364-78D1964FEC4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)za2:*:*:*:*:*:*:*",
              "matchCriteriaId": "209A1BE7-EEFC-476E-84E4-4EFD68DD7E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2\\(17a\\)sxa:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7F49F3-0A0A-4270-A657-CDE987637684",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2sxa:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7A672BD-87AE-424D-8735-073BBE9CE164",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2sxb:*:*:*:*:*:*:*",
              "matchCriteriaId": "95C033E3-184B-4AC1-B10D-8318FEAF73FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*",
              "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*",
              "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet."
    },
    {
      "lang": "es",
      "value": "El M\u00f3dulo de Servicios de Seguridad VPN (VPNSM) del Cisco Catalyst 6500 Series Switch y el Cisco 7600 Series Internet Routers corriendo IOS anterioreas a 12.2(17b)SXA, anteriores a 12.2(17d)SXB, o anteriores a before 12.2(14)SY03) podr\u00eda permitir a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda y reinicio del dispositivo) mediante un paquete Internet Key Exchange (IKE) malformado."
    }
  ],
  "id": "CVE-2004-0710",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-07-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/904310"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10083"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040408-vpnsm.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/904310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10083"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5696"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.